bc9a737515470357c3001fa27ac2d4c0

Sharing

Copy URL Twitter E-mail

General

Target

bc9a737515470357c3001fa27ac2d4c0
Size

312KB
MD5

bc9a737515470357c3001fa27ac2d4c0
SHA1

5e0c18c4e8ad57a028a2970c5559483c3c3573be
SHA256

ac22ea39bbb1b5b2dfb396353a24328dcc329683e5516da07a0869df8f7640d2
SHA512

1179ed3ca9b188b6cbc1072b335f96ca860983caecb8a0e1f703550a031371ec320f130f56ae5fd68c7db3235cf9a10efed80044f57a71138591ac75ed36c73d
SSDEEP

6144:CLTTAUj/exkYQOn5+qQRydo4iNlVws6VfC8zIYNYNwZzA3bQz/10SxiARk6ZDxVP:CXTbj/exkYQOn5nQRyJiNl2dVq8zIaYE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc9a737515470357c3001fa27ac2d4c0

Files

bc9a737515470357c3001fa27ac2d4c0
.exe windows:4 windows x86 arch:x86

073a01ec23a0e44e288c003994d48848

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
EnterCriticalSection
GetEnvironmentStringsW
QueryPerformanceCounter
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStrings
ExitProcess
VirtualAlloc
GetCurrentThread
InterlockedExchange
SetLastError
GetOEMCP
VirtualQuery
GetACP
UnhandledExceptionFilter
HeapAlloc
SetHandleCount
GetModuleFileNameA
GetStringTypeW
GetModuleHandleA
HeapFree
TlsGetValue
GetCPInfo
GetProcAddress
GetFileAttributesW
LoadLibraryA
GetStdHandle
TlsAlloc
LeaveCriticalSection
GetCurrentThreadId
GlobalAddAtomW
TerminateProcess
WriteFile
GetSystemTimeAsFileTime
VirtualFree
GetVersion
LCMapStringW
RtlUnwind
GetCurrentProcessId
WideCharToMultiByte
InitializeCriticalSection
TlsFree
FreeEnvironmentStringsA
GetStringTypeA
LCMapStringA
HeapCreate
TlsSetValue
DeleteCriticalSection
GetTickCount
IsBadWritePtr
LocalAlloc
GetLastError
GetFileType
HeapDestroy
MultiByteToWideChar
GetCurrentProcess
GetStartupInfoA
CreateWaitableTimerW

shell32

SheGetDirA
DragFinish
ShellHookProc
ExtractIconExW

user32

DdeCreateStringHandleW
RedrawWindow
GetFocus
SetMessageQueue
GetMenuStringW
EditWndProc
GetThreadDesktop
GetWindowPlacement
MessageBoxIndirectW
SetScrollInfo
TranslateMessage
InSendMessageEx
CreateAcceleratorTableA
GetCursorPos
DrawFocusRect
LoadKeyboardLayoutA

gdi32

GetPaletteEntries
CreateDCW
StrokeAndFillPath
ResizePalette
GetCharABCWidthsA
SetRectRgn
PolyPolyline
CreatePalette
GetNearestPaletteIndex
CreateSolidBrush
CreateRoundRectRgn
GetCharWidthA
EnumEnhMetaFile
GetEnhMetaFileDescriptionW
CreateHalftonePalette
GetKerningPairsW
DPtoLP
GetKerningPairs
SetBoundsRect
TextOutA
StretchDIBits
GetMapMode

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

073a01ec23a0e44e288c003994d48848

Headers

File Characteristics

Imports

kernel32

shell32

user32

gdi32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 4KB - Virtual size: 30KB

.data Size: 170KB - Virtual size: 170KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 4KB - Virtual size: 30KB

.data
Size: 170KB - Virtual size: 170KB

.rsrc
Size: 8KB - Virtual size: 8KB