b232b1d8d49e00e0f91ffe052ce2814f8952ad90cafa64e1ae4fe5e61c7ddc0e

Sharing

Copy URL

Twitter E-mail

General

Target

b232b1d8d49e00e0f91ffe052ce2814f8952ad90cafa64e1ae4fe5e61c7ddc0e
Size

563KB
MD5

662a3f0f8b691de341c8d71b6cb8d530
SHA1

264031020bdfca0b839caadffb267cd38d37a72d
SHA256

b232b1d8d49e00e0f91ffe052ce2814f8952ad90cafa64e1ae4fe5e61c7ddc0e
SHA512

f5a92e0efb654e488eafaf15521f9a09c6733dde380f34ca8d2d215ff7beb3fd3b082746adcd29fc24d5bbdf9403335c06f00736fd134c185c4a7d95a979a0a9
SSDEEP

12288:hk/Lpytw/KkG8l1tqEViXv7GdVnMnwD5VV6g5JfpAGC:G/Lpytw/K9WPATaVuwD/V6QppAGC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b232b1d8d49e00e0f91ffe052ce2814f8952ad90cafa64e1ae4fe5e61c7ddc0e

Files

b232b1d8d49e00e0f91ffe052ce2814f8952ad90cafa64e1ae4fe5e61c7ddc0e
.exe windows:5 windows x86 arch:x86

34ed3f01c0190ddb4593b15cd6534268

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveVectoredExceptionHandler
OpenFile
EnumDateFormatsExW
GetModuleHandleExA
WriteConsoleOutputCharacterA
LoadResource
LoadLibraryExW
GetCurrentProcess
InitializeSListHead
HeapFree
GlobalLock
CancelWaitableTimer
GetModuleHandleW
GetConsoleAliasesA
SetFileTime
GetCompressedFileSizeW
TzSpecificLocalTimeToSystemTime
FindResourceExA
GlobalAlloc
GlobalFindAtomA
GetLocaleInfoW
GetSystemPowerStatus
GetSystemTimeAdjustment
HeapReAlloc
GetFileAttributesW
GetTimeZoneInformation
CompareStringW
DisconnectNamedPipe
CreateJobObjectA
SetLastError
GetProcAddress
GlobalFree
GetTempFileNameA
GetLocalTime
GetAtomNameA
OpenWaitableTimerW
AddAtomW
VirtualLock
SetCommMask
GlobalWire
lstrcatW
FatalExit
GetCurrentDirectoryA
GetConsoleCursorInfo
EnumCalendarInfoExA
LCMapStringW
Beep
GetEnvironmentVariableW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
DeleteCriticalSection
FatalAppExitA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
CloseHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
HeapSize
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
ReadFile
SetEndOfFile
GetProcessHeap
CompareStringA
SetEnvironmentVariableA
GetModuleHandleA

advapi32

RegCreateKeyA

Exports

Exports

Batman
Candies
Fobos
OneMore

Sections

.text
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34ed3f01c0190ddb4593b15cd6534268

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 481KB - Virtual size: 480KB

.data Size: 7KB - Virtual size: 19.2MB

.new Size: 18KB - Virtual size: 17KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 38KB - Virtual size: 37KB

.text
Size: 481KB - Virtual size: 480KB

.data
Size: 7KB - Virtual size: 19.2MB

.new
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 38KB - Virtual size: 37KB