bddcd265aeb97e6a82c9632529fd175a

General

Target

bddcd265aeb97e6a82c9632529fd175a
Size

26KB
MD5

bddcd265aeb97e6a82c9632529fd175a
SHA1

1ca5d760436fb193fa383ce522b0492815b59957
SHA256

69624cd5d09b1514c05a94dd2f7dbd50951ddf9c090a4cac5642c07ffafeeebc
SHA512

2d54ba0f793edbb20356204e658d41ad10b8865abb26eaae03fdf1f8ce8fa7627b075a5af2487edf7a26bab578f36fe58b21f4d5d454e20f3ec1009831963b06
SSDEEP

768:9H7utd1JwZzbYYZ20Ej5mItkB5tXgXYSo:9burTwZX8qbtgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bddcd265aeb97e6a82c9632529fd175a

Files

bddcd265aeb97e6a82c9632529fd175a
.exe windows:4 windows x86 arch:x86

095789f2c6aa86be7303c9db62c51a76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryExA
GetProcAddress
GetModuleHandleA
GetLastError
CreateFileA
WideCharToMultiByte
WaitForSingleObject
Sleep
LoadResource
CloseHandle
DeleteFileA
ExitThread
VirtualFree
GetModuleFileNameA
lstrcpyA
lstrcatA
CreateEventA
FindResourceA
ExitProcess
Process32First
LoadLibraryA
CreateToolhelp32Snapshot
CompareStringA
lstrcmpA
lstrlenA
SetEvent
LoadLibraryW
ResetEvent
WaitForMultipleObjects
CreateThread
WriteFile

user32

TranslateMessage
BeginPaint
DispatchMessageA
SetThreadDesktop
PeekMessageA
CreateWindowExA
ShowWindow
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
wsprintfA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegNotifyChangeKeyValue

ole32

CoInitialize
CoUninitialize

shell32

SHGetFolderPathA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095789f2c6aa86be7303c9db62c51a76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 13KB - Virtual size: 12KB