bbf48e9e6efde3b96dcac6b37318a8b7c78924e5211283ff23787b1b76f2f9d2

Sharing

Copy URL

Twitter E-mail

General

Target

bbf48e9e6efde3b96dcac6b37318a8b7c78924e5211283ff23787b1b76f2f9d2
Size

94KB
MD5

3568eb4c82f3892e5df1557b21ab4fef
SHA1

e45b568a39d7c95236197849145284bbced7c7e3
SHA256

bbf48e9e6efde3b96dcac6b37318a8b7c78924e5211283ff23787b1b76f2f9d2
SHA512

c1bd8b7932284bce63bd38861e9c3cc6b8d147eca7b878830ec220f1947f40356826cabce2095bdb8e7f9a6253d9b2b4a20fb81f6fa9d707ec439bb2ba8e59b3
SSDEEP

1536:Sdyql1M7wIIEuti7rEYivykYkpaWj0OL+G7mJAm/lGAuJMLF4vsnXWkW316:SdV1Z1i3QKqSGCJr/lkJ6FQsnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf48e9e6efde3b96dcac6b37318a8b7c78924e5211283ff23787b1b76f2f9d2

Files

bbf48e9e6efde3b96dcac6b37318a8b7c78924e5211283ff23787b1b76f2f9d2
.exe windows:4 windows x86 arch:x86

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
WSAStartup
gethostname

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetCurrentProcessId
GlobalAlloc
ReadFile
GetFileSize
CreateFileA
WriteFile
GetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcatA
lstrlenA
OpenMutexA
lstrcmpiA
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetCommandLineA
CreateProcessA
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenEventA
CopyFileA
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
VirtualFree
lstrcmpA
SetFilePointer
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
SetFileTime
GetFileTime
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
DeviceIoControl
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
GetVersionExA
GetTimeZoneInformation
GetSystemDefaultLCID
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetEndOfFile
GetOEMCP
LocalAlloc
LocalFree
SetEvent
CreateMutexA
GetLastError
CreateEventA
GlobalFree
CreateThread
CloseHandle
SetCurrentDirectoryA
WaitForSingleObject
Sleep
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
HeapSize
VirtualAlloc
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapAlloc
HeapFree
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

wsprintfA

advapi32

QueryServiceStatus
GetUserNameA
ControlService
CreateServiceA
StartServiceA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
SetServiceStatus

ole32

CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

wininet

HttpQueryInfoA
InternetGetConnectedState
InternetOpenA
InternetSetCookieA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

ObtainUserAgentString

iphlpapi

GetIpAddrTable
GetNetworkParams
GetAdaptersInfo
GetIfEntry

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

Imports

ws2_32

version

kernel32

user32

advapi32

ole32

wininet

urlmon

iphlpapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 30KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 30KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 984B