bebc27f93f086296ede6a66194bcd598

Sharing

Copy URL Twitter E-mail

General

Target

bebc27f93f086296ede6a66194bcd598
Size

424KB
MD5

bebc27f93f086296ede6a66194bcd598
SHA1

e11edd5371ee5b1d8d634ba2947b1cf21cd2caa1
SHA256

0a15247b9acba0c664eee46e61573c6670f941d7d9bbdb111dc67de1593be794
SHA512

11af0a88a12098733476fa28eb4a0f2cb86399522b6ccee524d090d29c3afc1461f2033183b0be28421ebf5765e8a353c593257bde1d12eb139888b293b9579d
SSDEEP

12288:ih7gVBnJ0VGdMwX8nZlMRc26DaESNkc7T0BqEdskvVG25Kcv:FH8ngeoacn0BTv5l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bebc27f93f086296ede6a66194bcd598

Files

bebc27f93f086296ede6a66194bcd598
.exe windows:4 windows x86 arch:x86

5bcdab090c499f01ab2390f8e81c4c98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
InitializeCriticalSectionAndSpinCount
AllocConsole
GetProcessAffinityMask
GetTimeFormatA
EnumSystemLocalesA
HeapAlloc
LoadLibraryA
WideCharToMultiByte
SetUnhandledExceptionFilter
CompareStringA
RtlFillMemory
EnterCriticalSection
GetEnvironmentStrings
UnhandledExceptionFilter
VirtualFree
GetCurrentThread
HeapCreate
HeapDestroy
CompareStringW
TlsGetValue
GetLocaleInfoA
HeapSize
GetLocaleInfoW
UnlockFile
IsDebuggerPresent
GetStringTypeA
GetUserDefaultLCID
GetProcAddress
FreeEnvironmentStringsW
GetTimeZoneInformation
HeapFree
OpenWaitableTimerW
GetLastError
WritePrivateProfileSectionW
IsValidCodePage
VirtualQuery
SetLastError
IsValidLocale
TlsAlloc
GetDateFormatA
LCMapStringA
WriteFile
GetStringTypeW
HeapReAlloc
SetHandleCount
ExitProcess
FreeEnvironmentStringsA
DeleteCriticalSection
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
TlsFree
InterlockedDecrement
GetFileType
GetStdHandle
GetCurrentProcessId
GetModuleFileNameA
SetConsoleCtrlHandler
GetEnvironmentStringsW
GetPrivateProfileSectionW
GetTickCount
InterlockedIncrement
GetCPInfo
GetOEMCP
TlsSetValue
Sleep
RtlUnwind
GetModuleHandleW
GetSystemTimeAsFileTime
InterlockedExchange
SetEnvironmentVariableA
GetACP
FreeLibrary

user32

RegisterClassExW
ImpersonateDdeClientWindow
LookupIconIdFromDirectory
DdeConnect
GetClipboardFormatNameW
wsprintfA

advapi32

RegSetValueExA
CryptDeriveKey
LookupAccountNameW
CryptGetUserKey
CryptGetProvParam
RegCreateKeyExA

comdlg32

ChooseColorW
ReplaceTextW
GetOpenFileNameW
PrintDlgW
ChooseFontA
LoadAlterBitmap
GetFileTitleW
FindTextA
GetSaveFileNameW
GetFileTitleA
PrintDlgA
GetSaveFileNameA
PageSetupDlgW
ChooseColorA
FindTextW
GetOpenFileNameA
PageSetupDlgA
ChooseFontW

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bcdab090c499f01ab2390f8e81c4c98

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comdlg32

Sections

.text Size: 135KB - Virtual size: 135KB

.data Size: 275KB - Virtual size: 288KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 135KB - Virtual size: 135KB

.data
Size: 275KB - Virtual size: 288KB

.rsrc
Size: 12KB - Virtual size: 12KB