bd50040e4b96c8747a2c866fded3d80a

Sharing

Copy URL Twitter E-mail

General

Target

bd50040e4b96c8747a2c866fded3d80a
Size

271KB
MD5

bd50040e4b96c8747a2c866fded3d80a
SHA1

b0070d4efdf3da16b68746e8f9f602ee1482b686
SHA256

cfeaafea2027adf730053a3695f3610996354e7e0742194291eb3f59c62841df
SHA512

4e396fdd58dce9421742ddab2eaeb2c07c4b21643174416ffd93cd8d3e15085ad0acf315ae0fd1ea0f9076c93de487ef5cda9d5a4a9fa37b469e3a1f23a60cde
SSDEEP

6144:h7DKnY4zbPXp42ROlqE3rHuShQG8NH2rmnu2vWUo6gk1OEBlS3xFYC9/oGD:h7GnY4zjLRt0buSh58H2ynVDo6gkcMS5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd50040e4b96c8747a2c866fded3d80a

Files

bd50040e4b96c8747a2c866fded3d80a
.exe windows:4 windows x86 arch:x86

ee991908882f01254bf32c45593639f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetEnvironmentStringsW
VirtualProtect
GetCurrentThread
RtlUnwind
LCMapStringW
GetCommandLineA
GetCurrentProcess
InitializeCriticalSection
VirtualAlloc
TlsFree
UnhandledExceptionFilter
HeapReAlloc
GetVersionExA
CompareStringW
GetUserDefaultLCID
GetOEMCP
WriteFile
GetModuleFileNameA
GetStdHandle
LCMapStringA
ExitProcess
GetSystemInfo
IsValidLocale
SetEnvironmentVariableA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsBadWritePtr
GetLocaleInfoW
TlsAlloc
QueryPerformanceCounter
CompareStringA
TlsGetValue
FreeEnvironmentStringsW
VirtualQuery
GetCurrentThreadId
GetLocaleInfoA
HeapAlloc
HeapDestroy
HeapFree
GlobalGetAtomNameW
TerminateProcess
GetCurrentProcessId
GetCPInfo
LeaveCriticalSection
IsValidCodePage
WriteConsoleOutputA
SetLastError
GetLastError
GetTimeFormatA
MultiByteToWideChar
GetStartupInfoA
TlsSetValue
WideCharToMultiByte
EnterCriticalSection
GetDateFormatA
GetModuleHandleA
DeleteCriticalSection
GetStringTypeW
GetACP
EnumCalendarInfoW
HeapSize
FreeEnvironmentStringsA
EnumSystemLocalesA
GetFileType
SetHandleCount
GetProcAddress
GetTimeZoneInformation
HeapCreate
GetEnvironmentStrings
VirtualFree
InterlockedExchange

shell32

SHFileOperationA
FreeIconList
SHAddToRecentDocs
SheChangeDirA
ShellExecuteExA
RealShellExecuteW
SHGetNewLinkInfo
DragQueryFileAorW
SHBrowseForFolder
DragFinish
SHEmptyRecycleBinW
SHLoadInProc
SHGetDataFromIDListW
SHFileOperation
SHFileOperationW
ExtractIconEx
DoEnvironmentSubstA
SHBrowseForFolderA
ExtractIconExW
DragQueryFileW
SHGetSpecialFolderLocation

user32

IsIconic
GetMenuStringW
DispatchMessageW
ModifyMenuA
RegisterClipboardFormatA
DdeQueryStringW
LoadIconW
BroadcastSystemMessage
DdeGetLastError
GetTitleBarInfo
EnumDisplaySettingsExW
SendMessageW
GetIconInfo
DdeCmpStringHandles
SendIMEMessageExA
EnumDisplaySettingsExA
GetProcessWindowStation
GetUpdateRect
SetPropA
CharToOemBuffA
SetWindowPos
IsCharAlphaW
GetMonitorInfoW

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee991908882f01254bf32c45593639f5

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 136KB - Virtual size: 135KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 136KB - Virtual size: 135KB

.rsrc
Size: 9KB - Virtual size: 9KB