bd2d3d984384d8b6db6f9fcb4bcabfcf

Sharing

Copy URL Twitter E-mail

General

Target

bd2d3d984384d8b6db6f9fcb4bcabfcf
Size

432KB
MD5

bd2d3d984384d8b6db6f9fcb4bcabfcf
SHA1

045da2f42bb8a8323c0f506bb363f74a618637f5
SHA256

067f02d679448b0791fda8d031ad1d2bae2880482a704bb86738970795b72134
SHA512

521223eaca8fac1825487c3198b59d04372b9df9da4edfa4aaabbe510b746454927df0d2129c9c68bf3ee092d153fbab5b2d38d513339ba1e673a28f5a8ea4d3
SSDEEP

6144:I5EY2lrJs6kGgXkncSqSvJNzg9USallfsdSMAPYtYXj0EVSJ4sOYnOYD77dAkpYW:I5PKJg9UFlfsdl206YH77dN62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd2d3d984384d8b6db6f9fcb4bcabfcf

Files

bd2d3d984384d8b6db6f9fcb4bcabfcf
.exe windows:4 windows x86 arch:x86

3cd749e8718b59b19e861de0df7dbdb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SizeofResource
FormatMessageW
LeaveCriticalSection
CreateFileW
MultiByteToWideChar
lstrlenW
GetLastError
EnterCriticalSection
LockResource
GetSystemInfo
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
LocalFree
GetFileSize
SetErrorMode
CreateProcessW
WideCharToMultiByte
CreateProcessA
ReadFile
GetSystemDirectoryA
GetTempFileNameA
Process32FirstW
GetModuleFileNameA
Process32NextW
CreateToolhelp32Snapshot
GetFileTime
GetVersionExA
GetWindowsDirectoryW
GetTempPathA
SetEvent
TerminateThread
GetExitCodeThread
CreateEventW
CreateThread
GetModuleFileNameW
WaitForMultipleObjects
GetPriorityClass
InitializeCriticalSection
WriteFile
SetFileTime
GetProcessHeap
GetTickCount
WaitForSingleObject
HeapFree
QueryPerformanceCounter
GetCurrentProcess
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
lstrlenA
SetProcessAffinityMask
GetVolumeInformationA
HeapReAlloc
GetConsoleMode
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleCP
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
SetFilePointer
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapDestroy
HeapSize
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
GetStdHandle
GetFileAttributesW
SetHandleCount
GetFileType
FlushFileBuffers

advapi32

QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
CreateServiceW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
StartServiceCtrlDispatcherW

ole32

CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID

ws2_32

WSACloseEvent
WSASetEvent
WSAStartup
getaddrinfo
WSARecv
WSASocketW
WSASend
WSAGetLastError
WSAConnect
WSAEnumNetworkEvents
WSAEventSelect
WSACleanup
freeaddrinfo
WSACreateEvent
WSASetLastError
closesocket
WSAResetEvent
gethostbyname
WSAGetOverlappedResult

user32

UnregisterClassA

Sections

.text
Size: 352KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cd749e8718b59b19e861de0df7dbdb9

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

ws2_32

user32

Sections

.text Size: 352KB - Virtual size: 350KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 352KB - Virtual size: 350KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB