bc00fef073d78e021e5273735cd8a75b55261a7564a01af944ed35f4513aadf9

Sharing

Copy URL

Twitter E-mail

General

Target

bc00fef073d78e021e5273735cd8a75b55261a7564a01af944ed35f4513aadf9
Size

2.8MB
MD5

63ba5ec400ebbe6af65441f442652faa
SHA1

3b8807f8124c0e0d8c8cd816f9a7bc30476fbf5c
SHA256

bc00fef073d78e021e5273735cd8a75b55261a7564a01af944ed35f4513aadf9
SHA512

e240e9e07d88908057bba587e32ef1499d0c2d235eed61f1e996ce8959e1c323068ad483a96a7010ea0050440e12a0d82782e79baa186e880e4727452f3a4baf
SSDEEP

49152:2mVZpRE5HFjH4MLMmcX17+kSmn75+dEsgY5OK:fgvFcXV3cJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc00fef073d78e021e5273735cd8a75b55261a7564a01af944ed35f4513aadf9

Files

bc00fef073d78e021e5273735cd8a75b55261a7564a01af944ed35f4513aadf9
.exe windows:6 windows x64 arch:x64

05f2715d0397538255a9df69b1b5b827

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
HeapCreate
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStringTypeW
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA

ole32

OleGetAutoConvert
IsAccelerator
GetClassFile
MonikerRelativePathTo
CoGetObject
CoTreatAsClass
CoFileTimeToDosDateTime
CoIsOle1Class
CoGetInstanceFromFile
CoRevokeInitializeSpy
CoRevokeMallocSpy
CLSIDFromProgIDEx
CoFileTimeNow
CoTaskMemFree
CoTaskMemRealloc
CoInvalidateRemoteMachineBindings
CoGetInterceptor
ProgIDFromCLSID
IIDFromString
StringFromIID
CoSetCancelObject
CoRevertToSelf
CoQueryClientBlanket
CoQueryProxyBlanket
CoGetCallContext
CoLockObjectExternal
CoUnmarshalHresult
CoGetPSClsid
CoResumeClassObjects
CoGetObjectContext
CoGetCurrentLogicalThreadId
CoGetCallerTID
CoGetMalloc
CoGetTreatAsClass

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05f2715d0397538255a9df69b1b5b827

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 44KB - Virtual size: 76KB

.pdata Size: 4KB - Virtual size: 3KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 44KB - Virtual size: 76KB

.pdata
Size: 4KB - Virtual size: 3KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 2KB - Virtual size: 1KB