C:\www\src\BugSplat\bin64\BsSndRpt64.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5b1d15ccd07ef455a73499470a4b330cc14a45e76007ec482ddf63ec9c798a7a.exe
Resource
win7-20240221-en
General
Target: 5b1d15ccd07ef455a73499470a4b330cc14a45e76007ec482ddf63ec9c798a7a
Size: 1.7MB
MD5: d499eae066df907eb194dca7e4ea772c
SHA1: 0022c7a9d7c709a1c753d93123e52b6f85f2affd
SHA256: 5b1d15ccd07ef455a73499470a4b330cc14a45e76007ec482ddf63ec9c798a7a
SHA512: 1b39468f81d420ab35c84605e7703acb0272d232a74a3030c8fb7c095e13fe8c53a16e23b3c50f9ff0078dea2200c0e8db240f70b70adeca9798566381988bed
SSDEEP: 24576:+ZfdFVGcMZV6LaRFdGJm0Q3WKVSwdr13Ek0VA:wFGcML6KFdi2Ga9x3Ek0V
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 5b1d15ccd07ef455a73499470a4b330cc14a45e76007ec482ddf63ec9c798a7a
Files
5b1d15ccd07ef455a73499470a4b330cc14a45e76007ec482ddf63ec9c798a7a.exe windows:5 windows x64 arch:x64
5704ae267474d3748f80fe06acb46f19
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
shlwapi
PathUnquoteSpacesW
PathFileExistsW
PathAppendW
rpcrt4
UuidToStringW
RpcStringFreeW
wininet
InternetAttemptConnect
InternetOpenW
InternetConnectW
InternetCloseHandle
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetReadFile
HttpQueryInfoW
ws2_32
gethostname
gethostbyname
inet_ntoa
WSACleanup
WSAStartup
kernel32
GetFileInformationByHandle
CreateFileMappingW
MapViewOfFile
GetCurrentDirectoryW
SetCurrentDirectoryW
UnmapViewOfFile
LoadLibraryW
FreeLibrary
GetProcAddress
GetModuleHandleW
lstrcmpiW
LeaveCriticalSection
RaiseException
EnterCriticalSection
GetLastError
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetPrivateProfileStringW
GetCurrentThreadId
DecodePointer
GetCommandLineW
lstrlenW
CloseHandle
lstrlenA
GetTempPathW
DebugBreak
OutputDebugStringW
ResetEvent
LocalFree
FormatMessageW
SetEvent
MoveFileW
CopyFileW
GetCurrentProcess
FlushInstructionCache
SetLastError
CompareStringW
lstrcpyW
WideCharToMultiByte
LocalAlloc
GetFileSize
ReadFile
MulDiv
CreateEventW
WaitForSingleObject
CreateFileW
SetThreadPriority
ResumeThread
FileTimeToSystemTime
GetFileType
SetFilePointer
FileTimeToDosDateTime
WriteFile
GetLocalTime
SystemTimeToFileTime
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetCPInfo
GetCommandLineA
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
DeleteFileW
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
GetACP
IsDebuggerPresent
EncodePointer
GetStringTypeW
MultiByteToWideChar
GetModuleFileNameW
GetFullPathNameW
GetFileAttributesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointerEx
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEndOfFile
CreateThread
SetEnvironmentVariableA
user32
CharLowerW
CharUpperW
ShowWindow
KillTimer
SetTimer
EnableWindow
MessageBeep
SetDlgItemTextW
BringWindowToTop
SetForegroundWindow
SystemParametersInfoW
PostMessageW
GetDlgItem
GetWindow
MonitorFromWindow
MessageBoxW
CharNextW
LoadStringW
GetActiveWindow
wvsprintfW
SetRectEmpty
UnregisterClassW
GetMonitorInfoW
GetWindowRect
MapWindowPoints
DestroyWindow
BeginPaint
EndPaint
FillRect
IsWindowEnabled
GetSysColor
DrawFocusRect
SetCursor
SetCapture
GetCapture
ReleaseCapture
GetDlgCtrlID
GetCursorPos
ScreenToClient
PtInRect
InvalidateRect
UpdateWindow
GetClassNameW
SetWindowLongW
SetWindowPos
LoadCursorW
CreateWindowExW
SetWindowTextW
GetDC
ReleaseDC
GetClientRect
GetWindowLongW
DrawTextW
OffsetRect
IsWindow
GetParent
SendMessageW
CallWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
SetFocus
DefWindowProcW
EndDialog
GetWindowTextW
GetWindowTextLengthW
DialogBoxParamW
GetFocus
gdi32
GetStockObject
SetTextColor
GetObjectW
CreateFontIndirectW
DeleteObject
SetBkMode
SelectObject
advapi32
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW
RegDeleteValueW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegQueryValueExW
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
shell32
ShellExecuteW
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoCreateGuid
oleaut32
VarUI4FromStr
comctl32
InitCommonControlsEx
_TrackMouseEvent
Sections
.text Size: 274KB - Virtual size: 274KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE