bfb0b3bbf2ae9478436e5cdc43d4e933

Sharing

Copy URL Twitter E-mail

General

Target

bfb0b3bbf2ae9478436e5cdc43d4e933
Size

720KB
MD5

bfb0b3bbf2ae9478436e5cdc43d4e933
SHA1

e6b7d215c85f8b8aff427fc01e896734338692e6
SHA256

ef238fd91f377845400b4dabb0f18942a47165dc5c7f5e142f16fc78f2c660d3
SHA512

daae44e9953ec54edcbe462c65735deb1a751b1dd4d7c25c5b9b7a70c251ef8aaa7e2a527c4dd4f6eb33b6239f1315e3940bc22c1971f9c2eb928df1e775a68e
SSDEEP

12288:qTLgolUQXJe9sM0Wb+QKCoti9ZuhKb4zZfTTvpdkfwO0oENqpU:qxJe9sMTgiqhK81TXUwJoyqpU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfb0b3bbf2ae9478436e5cdc43d4e933

Files

bfb0b3bbf2ae9478436e5cdc43d4e933
.exe windows:4 windows x86 arch:x86

1722190b0950ffe0c78fd6195ea669d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\metbe\nteofo\ttez\etiyy\eifmitr.PDB

Imports

kernel32

GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GlobalFix
GetCPInfo
SetHandleCount
GetProcAddress
SetEnvironmentVariableA
TerminateProcess
GetProcessHeaps
FillConsoleOutputAttribute
GetDateFormatA
OutputDebugStringA
OpenMutexA
CloseHandle
HeapDestroy
GetLocaleInfoW
GetTimeZoneInformation
VirtualAlloc
VirtualProtect
HeapFree
GetOEMCP
RtlMoveMemory
SetFilePointer
VirtualQuery
GetTimeFormatA
IsBadReadPtr
VirtualFree
GetUserDefaultLCID
GetLocaleInfoA
WriteConsoleA
GetFileAttributesExW
WriteConsoleW
GetCommandLineA
CompareStringW
UnhandledExceptionFilter
SetLastError
lstrlenA
GetACP
LCMapStringA
EnterCriticalSection
HeapCreate
GetStartupInfoA
SetTimeZoneInformation
GetDiskFreeSpaceW
FlushFileBuffers
RtlUnwind
GetCurrentThread
GetCurrencyFormatA
GetStringTypeA
FreeEnvironmentStringsW
GetFileType
GetVersionExA
GetEnvironmentStringsW
WriteProfileStringA
IsValidCodePage
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentStrings
TlsAlloc
QueryPerformanceCounter
LoadLibraryW
ExitProcess
GetStdHandle
LeaveCriticalSection
InterlockedExchange
GetCurrentProcessId
GetStringTypeW
DebugBreak
OutputDebugStringW
DeleteCriticalSection
HeapValidate
GetProcessHeap
GetConsoleMode
SetUnhandledExceptionFilter
SetStdHandle
GetConsoleOutputCP
WideCharToMultiByte
EnumResourceTypesW
EnumSystemLocalesA
MultiByteToWideChar
CommConfigDialogW
EnumDateFormatsW
CreateMutexA
HeapReAlloc
TlsSetValue
GetConsoleCP
GetTickCount
LoadLibraryA
InitializeCriticalSection
GetModuleFileNameW
HeapAlloc
GetCurrentThreadId
RaiseException
TlsGetValue
InterlockedDecrement
WriteFile
CompareStringA
FreeLibrary
InterlockedIncrement
IsDebuggerPresent
GetLastError
ReadFile
TlsFree
IsValidLocale
LCMapStringW
FreeEnvironmentStringsA
CreateFileA
GetCurrentProcess

comctl32

CreateUpDownControl
CreateStatusWindowA
DrawStatusText
ImageList_DragLeave
ImageList_SetFlags
ImageList_Merge
ImageList_GetBkColor
DrawStatusTextA
CreateStatusWindowW
ImageList_Copy
ImageList_GetImageCount
InitCommonControlsEx
ImageList_DrawIndirect

user32

CreateAcceleratorTableA
SetMenuInfo
ScrollWindowEx
UnhookWinEvent
RegisterClassExA
BeginDeferWindowPos
SetSystemCursor
OffsetRect
ModifyMenuA
RegisterClassA
ArrangeIconicWindows
GetClipboardData
DefDlgProcA
EndDialog
EnumClipboardFormats
DdeUninitialize
UnregisterClassW
GetScrollBarInfo
GetMessageW
DefWindowProcW
CreateIconFromResource
GetWindowTextLengthW
EditWndProc
CreateWindowStationA
SetLastErrorEx
LoadCursorFromFileA
AdjustWindowRectEx
DdeConnectList
SetKeyboardState
DdeFreeDataHandle
GetAsyncKeyState

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1722190b0950ffe0c78fd6195ea669d8

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 288KB - Virtual size: 284KB

.data Size: 112KB - Virtual size: 115KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 288KB - Virtual size: 284KB

.data
Size: 112KB - Virtual size: 115KB

.rsrc
Size: 16KB - Virtual size: 14KB