bf07bba5682c1a486ee1110ae6d99c5f

Sharing

Copy URL

Twitter E-mail

General

Target

bf07bba5682c1a486ee1110ae6d99c5f
Size

564KB
MD5

bf07bba5682c1a486ee1110ae6d99c5f
SHA1

6413b1e6f2a53efa84f63aa25e125c850402e69a
SHA256

2fd6ba4cb547023d1f7b27557d1aba0e0c7040c727d564c28b9b01b7d0bb83fb
SHA512

44dc6ca37b2f4b5f7870dc6d545564946ce54413037cf082f916b50e44ed001b5f2163449b338e597c908e41821a212446fae273ace376f4491f6bbcda663aa2
SSDEEP

12288:rtiDQ6X8ngKz0Ga2cqta6uDmlulANVkzxv4dcQ8NPuoot:ZiDQ6ONz0K9a6uDmugkz18cnN3ot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf07bba5682c1a486ee1110ae6d99c5f

Files

bf07bba5682c1a486ee1110ae6d99c5f
.exe windows:4 windows x86 arch:x86

8ff7b66376fc7ef36dc24b9ce8e69e46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ovq\gaqflej\zzga.PDB

Imports

gdi32

ExtCreateRegion
GetWindowExtEx
Escape
CreatePatternBrush
EnableEUDC
ExtFloodFill
GetGraphicsMode
GetDeviceGammaRamp
SetPixel
GetKerningPairsW
GetLogColorSpaceA
CreateDCW
GetCharacterPlacementA
CreateFontW
GetDIBColorTable
GetPixel
FixBrushOrgEx
GetFontData

shell32

DragFinish
ShellExecuteA
SHBrowseForFolder
RealShellExecuteExW
SHBrowseForFolderA

user32

CloseWindow
SetMenuItemInfoA
DlgDirListA
DrawFrame
GetMenuDefaultItem
SetCaretPos
SetLastErrorEx
GetForegroundWindow
MessageBoxIndirectA
DestroyWindow
GetClipboardData
SetDlgItemInt
DdeCmpStringHandles
DrawStateW
MessageBoxW
GetDialogBaseUnits
SetPropW
DdeUnaccessData
UnregisterDeviceNotification
GetAsyncKeyState
DefWindowProcW
SetParent
ChangeDisplaySettingsExW
AnimateWindow
CharUpperW
TileChildWindows
FreeDDElParam
RegisterClassA
ValidateRect
ShowScrollBar
CreateWindowExW
RegisterClassExA
MsgWaitForMultipleObjectsEx
EnumDesktopsA
CreateWindowStationW
GetClassInfoW
DdeImpersonateClient
TranslateMessage
IsCharAlphaW
EnableWindow
LoadMenuIndirectA
SendNotifyMessageW
DestroyMenu
GetClassInfoA
SetMenuItemInfoW
DdeConnectList
GetParent
RealChildWindowFromPoint
WaitForInputIdle
CreateMDIWindowA
CharToOemW
PeekMessageW
ShowWindow
DdeQueryStringW
SetKeyboardState
DdeInitializeW
CharLowerW
GetDoubleClickTime

wininet

SetUrlCacheConfigInfoW
FindCloseUrlCache
ReadUrlCacheEntryStream
InternetAutodial
InternetConfirmZoneCrossingA
FindNextUrlCacheGroup
GopherGetAttributeA

kernel32

SetStdHandle
IsBadWritePtr
TlsFree
HeapDestroy
SetHandleCount
UnlockFile
SleepEx
GetDiskFreeSpaceExW
RtlMoveMemory
RtlUnwind
ReadConsoleW
WideCharToMultiByte
GetProfileStringA
GetEnvironmentStrings
DeleteCriticalSection
GetTickCount
FindAtomA
CompareStringW
CreateFileMappingA
FormatMessageA
HeapLock
GetLogicalDriveStringsA
OpenFileMappingA
LoadLibraryA
SetConsoleCursorInfo
EnumSystemLocalesA
HeapReAlloc
GetFileAttributesA
ResumeThread
GetStringTypeA
lstrlenA
GetLocaleInfoW
SetEnvironmentVariableA
LocalShrink
LeaveCriticalSection
GetStdHandle
QueryPerformanceCounter
SystemTimeToTzSpecificLocalTime
GetStringTypeW
WriteConsoleInputA
EnumTimeFormatsW
VirtualFree
TlsGetValue
GetPriorityClass
WaitNamedPipeW
GetUserDefaultLCID
CompareStringA
TlsSetValue
SetConsoleScreenBufferSize
GetLocaleInfoA
GetThreadPriority
HeapAlloc
GetProfileIntW
GetModuleHandleA
GetCurrentDirectoryW
GetTimeZoneInformation
CloseHandle
EnumCalendarInfoExA
VirtualQueryEx
RemoveDirectoryA
GetDateFormatA
VirtualQuery
GetCPInfo
SetLocalTime
WritePrivateProfileSectionA
DeleteFileW
GetCommandLineA
VirtualProtect
EnterCriticalSection
TlsAlloc
VirtualUnlock
MoveFileW
CreateMutexA
FreeLibraryAndExitThread
GetTimeFormatA
DeleteFiber
GetEnvironmentStringsW
lstrcatW
VirtualAlloc
GetStartupInfoA
FindClose
HeapSize
GetTempPathA
EnumDateFormatsW
GetSystemInfo
FreeEnvironmentStringsA
GetOEMCP
CreateWaitableTimerW
GetProcAddress
LCMapStringA
OpenMutexA
FindFirstFileW
ReadFile
GetCurrentProcess
FoldStringW
WriteConsoleOutputCharacterA
UnhandledExceptionFilter
HeapCreate
SetUnhandledExceptionFilter
LCMapStringW
SetConsoleTitleA
GetCurrentProcessId
FreeEnvironmentStringsW
SetFilePointer
GetVersionExA
MultiByteToWideChar
GetModuleFileNameA
IsValidCodePage
InterlockedIncrement
InitializeCriticalSection
GetSystemTimeAsFileTime
IsDebuggerPresent
CreateThread
ExitProcess
GetPrivateProfileSectionNamesW
SetLastError
WriteFile
GetFileType
SetLocaleInfoW
IsValidLocale
InterlockedExchange
GetCurrentThreadId
GetCurrentThread
GetLastError
TerminateProcess
GetExitCodeProcess
FlushFileBuffers
LocalLock
LocalFlags
MapViewOfFile
HeapFree
GetFileAttributesExA
GetACP

comctl32

ImageList_DragEnter
ImageList_GetImageCount
ImageList_Add
InitCommonControlsEx
_TrackMouseEvent

comdlg32

GetSaveFileNameA
FindTextW
GetOpenFileNameA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ff7b66376fc7ef36dc24b9ce8e69e46

Headers

File Characteristics

PDB Paths

Imports

gdi32

shell32

user32

wininet

kernel32

comctl32

comdlg32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 120KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 120KB

.rsrc
Size: 16KB - Virtual size: 14KB