bd6787c320bbf9084f3636093fa1ec43

Sharing

Copy URL Twitter E-mail

General

Target

bd6787c320bbf9084f3636093fa1ec43
Size

22KB
MD5

bd6787c320bbf9084f3636093fa1ec43
SHA1

337c8d22b5c10eb068ef387c125831430904b41e
SHA256

67ef88fc93c968d51ae51ce37c0ff6ec979799e1d2ccab8400f73d186db99dc3
SHA512

923e96c01f87676bba5bc38d34f346603e9ba55d57ac3ba8970d12e3f95ce5ec3695128c009f53f4cc2ab6fa8aaf1e082e29466b4ec993af4882250161d9a6a7
SSDEEP

384:mvvFYvIDNNn4Tk6lnh9ksQvkFDl/r20IdYP8HNW0nKozG1jbk2/tnfthb1F:mHFsIOk6lh9k9v2DlpCuI3paxptF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd6787c320bbf9084f3636093fa1ec43

Files

bd6787c320bbf9084f3636093fa1ec43
.exe windows:4 windows x86 arch:x86

167c18744a2c301f1cf0f466413969d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strcpy
memcpy
strncpy
sprintf
strcmp
strncmp
strlen
strcat

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
CreateThread
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetDriveTypeA
FindFirstFileA
FindClose
CreateDirectoryA
WriteFile
CreateFileA
ReadFile
SetFilePointer
GetFileSize

ole32

RevokeDragDrop

wsock32

closesocket
WSACleanup
WSAStartup
socket
ioctlsocket
htons
bind
listen
accept
recvfrom
ntohs
send
sendto
recv
WSAGetLastError

user32

MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
SendMessageA
CreateWindowExA
DestroyWindow
GetWindowLongA
RemovePropA
CallWindowProcA
SetWindowLongA
SetPropA
GetParent
GetPropA
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
SetWindowTextA
ShowWindow
IsZoomed
RegisterClassA
AdjustWindowRect
GetSystemMetrics
GetActiveWindow
GetWindowRect
CreateAcceleratorTableA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
MapWindowPoints
ReleaseCapture
MoveWindow
GetClientRect
FillRect
EnumChildWindows
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetFocus
GetFocus
IsChild
GetClassNameA

gdi32

GetStockObject
DeleteObject

comctl32

InitCommonControls
InitCommonControlsEx

Sections

.code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

167c18744a2c301f1cf0f466413969d1

Headers

File Characteristics

Imports

crtdll

kernel32

ole32

wsock32

user32

gdi32

comctl32

Sections

.code Size: 2KB - Virtual size: 2KB

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 512B - Virtual size: 11B

.data Size: 3KB - Virtual size: 3KB

.flat Size: 512B - Virtual size: 36B

.code
Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 512B - Virtual size: 11B

.data
Size: 3KB - Virtual size: 3KB

.flat
Size: 512B - Virtual size: 36B