bBbs1IaRiS8v[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bBbs1IaRiS8v.exe
Size

15.7MB
MD5

8bdb5b38b5d90328a2444015f634469a
SHA1

dbc51a3575959fd54c9a39139619ed64574bfa7a
SHA256

87f5a0464a7cfebb58be52a26b45420d4d47fa66359b463ca3c249ded6d1f83b
SHA512

6e48e7d6e0d5c014ae01f7108e75e917a984f235632403210c9754d2e8ddd49a7ce6a5fde75a50089cfb356d52b56e32deb03e58e60a9d6964a5cedcba9cfd5f
SSDEEP

393216:9ZKRwta8+2sALvyxSJsMRMEeUhd1KnwitxCV:XQ8J7RMqhqwitQV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bBbs1IaRiS8v.exe

Files

bBbs1IaRiS8v.exe
.exe windows:6 windows x64 arch:x64

e048a0077c68841c14dff6ecb5007484

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetPriorityClass

user32

CreateWindowExW

shell32

SHChangeNotify

ole32

CoCreateInstance

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

ws2_32

send

crypt32

CertCloseStore

imm32

ImmReleaseContext

gdi32

GetDeviceCaps

advapi32

ReportEventW

bcrypt

BCryptGenRandom

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 857KB - Virtual size: 857KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g49
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.$iv
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

./_a
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e048a0077c68841c14dff6ecb5007484

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

d3d9

d3dx9_43

ws2_32

crypt32

imm32

gdi32

advapi32

bcrypt

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 857KB - Virtual size: 857KB

.data Size: 1.9MB - Virtual size: 2.0MB

.pdata Size: 118KB - Virtual size: 117KB

_RDATA Size: 9KB - Virtual size: 8KB

.g49 Size: 4.8MB - Virtual size: 4.8MB

.$iv Size: 512B - Virtual size: 240B

./_a Size: 5.3MB - Virtual size: 5.3MB

.rsrc Size: 103KB - Virtual size: 102KB

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 857KB - Virtual size: 857KB

.data
Size: 1.9MB - Virtual size: 2.0MB

.pdata
Size: 118KB - Virtual size: 117KB

_RDATA
Size: 9KB - Virtual size: 8KB

.g49
Size: 4.8MB - Virtual size: 4.8MB

.$iv
Size: 512B - Virtual size: 240B

./_a
Size: 5.3MB - Virtual size: 5.3MB

.rsrc
Size: 103KB - Virtual size: 102KB

.reloc
Size: 30KB - Virtual size: 29KB