bebbabb4719185d5e8bd21a364eb1d27

Sharing

Copy URL Twitter E-mail

General

Target

bebbabb4719185d5e8bd21a364eb1d27
Size

76KB
MD5

bebbabb4719185d5e8bd21a364eb1d27
SHA1

f88b1e339558d28acb273fb63f81f192ec4041c8
SHA256

7dd7e27ba6608f52b5fae7c81cb91c163380095c8c0444d6d1ea1fef128e4298
SHA512

80799cee943a5387b047975d3591ae35631c0d587e5f78f4869e7e232bec4f19cd03645ba131e7947db5c99e188b4fa4bcee739c458cc844184ae3e7c8ae12f8
SSDEEP

768:7j2ny61nyUvyxzSzODmMeZxmsQ+gQCbrCameEItpLmVVGHkyEk6Tj:7Qy6zvyxezODmM2mvrChjIzSV1k6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bebbabb4719185d5e8bd21a364eb1d27

Files

bebbabb4719185d5e8bd21a364eb1d27
.exe windows:4 windows x86 arch:x86

20bd45a99402ec5f578d3c7e71a9f928

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GlobalAlloc
GetLastError
GetModuleHandleA
GetLastError
lstrcpynA
GetLastError
HeapFree
GetLastError
FreeLibrary
GetLastError
lstrcmpiA
GetLastError
GetStringTypeW
GetLastError
WideCharToMultiByte
GetLastError
HeapAlloc

user32

GetDC
LoadCursorA
IsMenu
DrawTextW
CopyImage
LoadMenuA
GetDlgItem
CreateIcon
InsertMenuA
EndDialog
CalcMenuBar
DialogBoxParamA
CopyRect
AlignRects
GetCursor
GetWindowTextLengthA
GetMenu
CopyIcon
AppendMenuA
IsWindow
DrawTextA
DrawIcon
AppendMenuW
DialogBoxParamW
GetWindowTextA
DrawIconEx
BlockInput
GetFocus
CloseWindow

advapi32

RegGetKeySecurity
RegLoadKeyA
RegEnumKeyExW
RegDeleteKeyW
RegEnumValueW
RegFlushKey
RegOpenKeyExW
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyExW
RegReplaceKeyA
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
RegLoadKeyW
RegDeleteKeyA
RegQueryInfoKeyW
RegQueryValueW
RegQueryValueExW
RegReplaceKeyW
RegDeleteValueW
RegEnumKeyA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyExA
RegEnumKeyExW
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueW
RegGetKeySecurity
RegEnumKeyW
RegDeleteKeyW
RegEnumValueW
RegDeleteValueW
RegFlushKey
RegLoadKeyA
RegQueryInfoKeyW
RegReplaceKeyW
RegEnumKeyA
RegOpenKeyW
RegDeleteKeyA
RegCreateKeyW
RegEnumKeyExA
RegReplaceKeyA
RegQueryValueExW
RegLoadKeyW

Sections

.taat
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdaaa
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reddc
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idada
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20bd45a99402ec5f578d3c7e71a9f928

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.taat Size: 10KB - Virtual size: 10KB

.rdaaa Size: 46KB - Virtual size: 45KB

.edata Size: 11KB - Virtual size: 17KB

.reddc Size: 2KB - Virtual size: 3KB

.idada Size: 1024B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 4KB

.taat
Size: 10KB - Virtual size: 10KB

.rdaaa
Size: 46KB - Virtual size: 45KB

.edata
Size: 11KB - Virtual size: 17KB

.reddc
Size: 2KB - Virtual size: 3KB

.idada
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 4KB