bcc1a90affa11208de10b53b6896c4dc

Sharing

Copy URL

Twitter E-mail

General

Target

bcc1a90affa11208de10b53b6896c4dc
Size

980KB
MD5

bcc1a90affa11208de10b53b6896c4dc
SHA1

f9783904c992f4f2784a981446c318a97290ff35
SHA256

e64419997c4feac31d7267080ac5f54f0dfea86ee310bd51d9160b578a3eddf7
SHA512

3e5ba61f84e24b758f866653fc3c65bedc63d674faf7d78042eee1092796201442c2b5f6b54f2505c2dd49ae8d26dcbe82052d8ef8cd39cd6e5c5249f37829cc
SSDEEP

768:YOsw5ShHdrpIem98TjEYIbjp1u6oIq8v4iDzl9fshfP:EwkVdrpIemkYYEpU6oBiDzl9i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc1a90affa11208de10b53b6896c4dc

Files

bcc1a90affa11208de10b53b6896c4dc
.exe windows:1 windows x86 arch:x86

2407b9c64d45a772cb5d466b29935b52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalAlloc
WriteFile
GetModuleHandleA
SetFilePointer
GetTempPathA
ReadFile
CreateFileA
GetDiskFreeSpaceA
WaitForSingleObject
DeleteFileA
GlobalUnlock
FindNextFileA
CreateProcessA
TerminateThread
LoadLibraryA
FindClose
FindFirstFileA
ExitThread
GetModuleFileNameA
GetLocalTime
GetLastError
GetExitCodeProcess
CloseHandle
ResetEvent
GlobalFree
GlobalLock
Beep
SetEvent
SetPriorityClass
Sleep
GetCommandLineA
CreateThread
CopyFileA
GetSystemTime
CreateDirectoryA
GetWindowsDirectoryA
GetProfileStringA
GetProcAddress
GetCurrentDirectoryA
CreateEventA
ExitProcess

user32

SetLayeredWindowAttributes
SetClassLongA
SendInput
ReleaseDC
OpenClipboard
SendMessageA
RegisterClassA
LoadIconA
KillTimer
InvalidateRect
GetWindowThreadProcessId
MessageBeep
SetTimer
PostMessageA
PostQuitMessage
RemoveMenu
SetClipboardData
SetCursorPos
SetCursor
GetWindowRect
SetWindowLongA
GetWindowModuleFileNameA
GetWindowLongA
GetSystemMetrics
GetMouseMovePointsEx
GetMessageA
SetWindowPos
GetWindowTextA
UnhookWindowsHookEx
GetDesktopWindow
GetDC
GetClipboardData
GetClientRect
GetAncestor
ShowWindow
FillRect
EndPaint
EmptyClipboard
DispatchMessageA
DestroyWindow
DestroyCursor
DefWindowProcA
WindowFromPoint
CreateWindowExA
FindWindowA
CreateCursor
CloseClipboard
BeginPaint
GetCursorPos
LoadCursorA
MoveWindow
GetForegroundWindow
GetMenu
MessageBoxA
UpdateWindow
TranslateMessage
GetWindow
ShowCursor
SetWindowsHookExA
SetWindowTextA
ord546
ord338
ord336
ord335

gdi32

BitBlt
TextOutA
StretchDIBits
SetTextColor
SetTextAlign
SetDIBitsToDevice
SetBkColor
GetStockObject
GetDeviceCaps
DeleteDC
CreateSolidBrush
CreateDCA

wsock32

socket
setsockopt
send
select
recv
listen
inet_ntoa
ioctlsocket
htons
getsockname
gethostname
gethostbyname
connect
closesocket
bind
accept
WSAStartup
WSAGetLastError
WSACleanup
WSACancelBlockingCall

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA

Exports

Exports

WndProc

Sections

CODE
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 950KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2407b9c64d45a772cb5d466b29935b52

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

comdlg32

shell32

Exports

Exports

Sections

CODE Size: 19KB - Virtual size: 20KB

DATA Size: 950KB - Virtual size: 952KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

CODE
Size: 19KB - Virtual size: 20KB

DATA
Size: 950KB - Virtual size: 952KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB