b2f5edef0e599005e205443b20f6ffd9804681b260eec52fa2f7533622f46a6c

Sharing

Copy URL

Twitter E-mail

General

Target

b2f5edef0e599005e205443b20f6ffd9804681b260eec52fa2f7533622f46a6c
Size

719KB
MD5

304d1ac0296fedec694a097480b341d9
SHA1

fb60d4ab152acf71847dbbd36c75b8032c5da303
SHA256

b2f5edef0e599005e205443b20f6ffd9804681b260eec52fa2f7533622f46a6c
SHA512

ab0e848d35e9aad5191cc866738f7e4bb14195c8aea0a110a587e587f74cf3afd830d0f0b32b088d41d4ea1a14a2865514fccb46a1478560144062e2870624f1
SSDEEP

12288:EzUn4szOR3e1QV5G+s9vQBe76QiPY2xJZhae4c8Bszyp0CA6WexU:EAn42+3eyV5gN/76QJattJpGp0CA6W6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2f5edef0e599005e205443b20f6ffd9804681b260eec52fa2f7533622f46a6c

Files

b2f5edef0e599005e205443b20f6ffd9804681b260eec52fa2f7533622f46a6c
.exe windows:5 windows x86 arch:x86

5f0ab74d50ce26f5ee846bc70c0c5d8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\burihaxug-cehu_mivulelacufuhameg.pdb

Imports

kernel32

CreateJobObjectA
SetProcessPriorityBoost
WriteConsoleW
GetVolumeInformationA
GetSystemPowerStatus
DeleteVolumeMountPointW
Sleep
GetDefaultCommConfigW
CreateMutexW
GetStdHandle
InterlockedIncrement
GetSystemTimeAdjustment
FileTimeToSystemTime
CreateNamedPipeW
CallNamedPipeW
EnumResourceNamesW
BuildCommDCBAndTimeoutsA
EnterCriticalSection
DebugSetProcessKillOnExit
EnumTimeFormatsA
TlsSetValue
GetACP
WriteFile
GetCurrentActCtx
ReleaseActCtx
AddRefActCtx
GetHandleInformation
VerifyVersionInfoA
GetVersionExW
FreeLibrary
LoadLibraryExW
GetComputerNameW
CommConfigDialogA
BuildCommDCBAndTimeoutsW
VirtualProtect
lstrcatA
LoadLibraryA
LocalAlloc
SetEndOfFile
CancelWaitableTimer
GetCurrentDirectoryW
SetCommMask
HeapSize
RaiseException
GetBinaryTypeA
GlobalSize
SetConsoleMode
GetConsoleCursorInfo
MoveFileW
SetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
WriteConsoleInputW
OpenMutexW
GetThreadContext
AddAtomA
FindVolumeMountPointClose
SetSystemTime
GetCommandLineW
SetLocalTime
GetLastError
GetSystemTimeAsFileTime
DisconnectNamedPipe
SetConsoleCursorInfo
TerminateProcess
GetFileAttributesW
SetLastError
lstrlenA
CompareStringW
CompareStringA
DeleteFileA
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
LeaveCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsFree
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
FatalAppExitA
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetConsoleCtrlHandler
InterlockedExchange
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
ReadFile
SetFilePointer
GetLocaleInfoW
CloseHandle
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
GetTimeZoneInformation
CreateFileA
SetEnvironmentVariableA

user32

GetComboBoxInfo

Exports

Exports

_lifan@8

Sections

.text
Size: 655KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rixu
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tope
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mowe
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f0ab74d50ce26f5ee846bc70c0c5d8c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 655KB - Virtual size: 654KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 11KB - Virtual size: 4.0MB

.rixu Size: 1024B - Virtual size: 4KB

.tope Size: 1024B - Virtual size: 741B

.mowe Size: 512B - Virtual size: 1B

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 655KB - Virtual size: 654KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 11KB - Virtual size: 4.0MB

.rixu
Size: 1024B - Virtual size: 4KB

.tope
Size: 1024B - Virtual size: 741B

.mowe
Size: 512B - Virtual size: 1B

.rsrc
Size: 24KB - Virtual size: 24KB