bcc275c4ec5e54e7945ef9c92d177f91

Sharing

Copy URL Twitter E-mail

General

Target

bcc275c4ec5e54e7945ef9c92d177f91
Size

1.7MB
MD5

bcc275c4ec5e54e7945ef9c92d177f91
SHA1

970da77d95dbcc6666127ef1adee6a49e3284c56
SHA256

b9bead3f1f5432f85e53f0ce35c9f379bb2a951cc8895d0cbca3ec9f1f8cca0c
SHA512

77a65ad483289e4ae9364d8b95c3dc6516eae90428032d7da066558784474ed626dbc9d622124ed7d7a516baaa6470d5ed5bfbb7990747238e1f0e16423e2e36
SSDEEP

12288:mVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:7fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc275c4ec5e54e7945ef9c92d177f91

Files

bcc275c4ec5e54e7945ef9c92d177f91
.dll windows:5 windows x64 arch:x64

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

LookupIconIdFromDirectoryEx
WaitForInputIdle
GetParent
GetFocus

setupapi

CM_Get_Resource_Conflict_DetailsW

kernel32

DeleteCriticalSection
DeleteTimerQueue
TerminateJobObject
GetFileInformationByHandle
GetThreadLocale
GetNamedPipeServerProcessId
GetConsoleFontSize

gdi32

CreateBitmapIndirect
GetPolyFillMode

crypt32

CertGetCTLContextProperty

advapi32

AddAccessDeniedObjectAce

shlwapi

ChrCmpIW

Exports

Exports

ClearAutoLogon
DllCanUnloadNow
DllGetClassObject
NetAccessWizard
NetPlacesWizardDoModal
SHDisconnectNetDrives
UsersRunDllW

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qkm
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cvjb
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlmkv
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wucsxe
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fltwtj
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sfplio
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rpg
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bewzc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vksvaw
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wmhg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kswemc
Size: 4KB - Virtual size: 877B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kaxfk
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pjf
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.favk
Size: 4KB - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vhtukj
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ytb
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbvwgd
Size: 4KB - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yvy
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nttk
Size: 4KB - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wvn
Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wzy
Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zhlkjf
Size: 4KB - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6668be91e2c948b183827f040944057f

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

kernel32

gdi32

crypt32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 96KB - Virtual size: 94KB

.pdata Size: 4KB - Virtual size: 300B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 8KB

.qkm Size: 4KB - Virtual size: 1KB

.cvjb Size: 8KB - Virtual size: 7KB

.tlmkv Size: 4KB - Virtual size: 2KB

.wucsxe Size: 280KB - Virtual size: 276KB

.fltwtj Size: 8KB - Virtual size: 4KB

.sfplio Size: 4KB - Virtual size: 1KB

.rpg Size: 280KB - Virtual size: 276KB

.bewzc Size: 8KB - Virtual size: 4KB

.vksvaw Size: 4KB - Virtual size: 1KB

.wmhg Size: 8KB - Virtual size: 4KB

.kswemc Size: 4KB - Virtual size: 877B

.kaxfk Size: 8KB - Virtual size: 6KB

.pjf Size: 4KB - Virtual size: 2KB

.favk Size: 4KB - Virtual size: 503B

.vhtukj Size: 280KB - Virtual size: 276KB

.ytb Size: 4KB - Virtual size: 1KB

.tbvwgd Size: 4KB - Virtual size: 431B

.yvy Size: 28KB - Virtual size: 27KB

.nttk Size: 4KB - Virtual size: 503B

.wvn Size: 4KB - Virtual size: 571B

.wzy Size: 4KB - Virtual size: 571B

.zhlkjf Size: 4KB - Virtual size: 262B

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 96KB - Virtual size: 94KB

.pdata
Size: 4KB - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 8KB

.qkm
Size: 4KB - Virtual size: 1KB

.cvjb
Size: 8KB - Virtual size: 7KB

.tlmkv
Size: 4KB - Virtual size: 2KB

.wucsxe
Size: 280KB - Virtual size: 276KB

.fltwtj
Size: 8KB - Virtual size: 4KB

.sfplio
Size: 4KB - Virtual size: 1KB

.rpg
Size: 280KB - Virtual size: 276KB

.bewzc
Size: 8KB - Virtual size: 4KB

.vksvaw
Size: 4KB - Virtual size: 1KB

.wmhg
Size: 8KB - Virtual size: 4KB

.kswemc
Size: 4KB - Virtual size: 877B

.kaxfk
Size: 8KB - Virtual size: 6KB

.pjf
Size: 4KB - Virtual size: 2KB

.favk
Size: 4KB - Virtual size: 503B

.vhtukj
Size: 280KB - Virtual size: 276KB

.ytb
Size: 4KB - Virtual size: 1KB

.tbvwgd
Size: 4KB - Virtual size: 431B

.yvy
Size: 28KB - Virtual size: 27KB

.nttk
Size: 4KB - Virtual size: 503B

.wvn
Size: 4KB - Virtual size: 571B

.wzy
Size: 4KB - Virtual size: 571B

.zhlkjf
Size: 4KB - Virtual size: 262B