bc62290a2b3dac4f2c54bc684810d8dd

Sharing

Copy URL Twitter E-mail

General

Target

bc62290a2b3dac4f2c54bc684810d8dd
Size

173KB
MD5

bc62290a2b3dac4f2c54bc684810d8dd
SHA1

a4f52a8d2fe96aaf2f6cdb5caa5b24235ec22f57
SHA256

cb674d552260e9d6898f4b0d5df1501b673749e95a3f5827970a24960a8163ec
SHA512

66c430cd0a64f566c527bdc8c6bfedfe4359b0e28c2ead64577aa30c0b52def3df10870e54a3c2534773dabce6fb84459af504f9b6cf30e34ffd78695dee1eba
SSDEEP

1536:Hc3NOkP+/PxesyD4x5hMrzQAzvscX4gY9cze61iixms8jcdvDilcsgvO7UmzzM9l:83MkPkvMemvQMegY2TiSvDiKu7UmzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc62290a2b3dac4f2c54bc684810d8dd

Files

bc62290a2b3dac4f2c54bc684810d8dd
.exe windows:6 windows x86 arch:x86

63a16ecf437d0fcb1a923674583f73af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\EHDevelopmentSolution3 SI2.2\EHDevelopmentSolution3\Release\WMPlayer.pdb

Imports

kernel32

GetModuleFileNameW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
CompareFileTime
ReadFile
WriteFile
LoadLibraryW
GetProcAddress
FreeLibrary
GetErrorMode
SetErrorMode
GetDriveTypeW
Sleep
GetLastError
CreateFileW
CloseHandle
FindFirstFileW
FindNextFileW
FindClose
GetLogicalDrives
GetFileTime
OutputDebugStringW
WriteConsoleW
SetStdHandle
LoadLibraryExW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetModuleHandleExW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineW
HeapAlloc
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCurrentThreadId

user32

EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
DialogBoxParamW
UpdateWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
LoadStringW
ShowWindow

shell32

SHGetFolderPathW

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63a16ecf437d0fcb1a923674583f73af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 6KB - Virtual size: 5KB