b77eede10b2a2c9953ab596f101454cfc46106decb36286eaaee34fde304f95b

General

Target

b77eede10b2a2c9953ab596f101454cfc46106decb36286eaaee34fde304f95b
Size

729KB
MD5

4d94107344c104d2442e7303c9857c6b
SHA1

22ea180bf2ba97a0121eb11ca9b036de7211c934
SHA256

b77eede10b2a2c9953ab596f101454cfc46106decb36286eaaee34fde304f95b
SHA512

6bf55430100fd695135f5bd966fa9b2c2127e3e8d339dd2866ad0f144b66035386a71b775c3b6de213c02025ac190ccd452c7524aa68dbc167e7af7a35962f66
SSDEEP

6144:2JVhAiJfOU6MaxOb9jRq+lJbs7JVhAifN5SU6MaxOb9jRq+lJbfWJVhU:2dAEC6PqqbMdAN6PqqbOdU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77eede10b2a2c9953ab596f101454cfc46106decb36286eaaee34fde304f95b

Files

b77eede10b2a2c9953ab596f101454cfc46106decb36286eaaee34fde304f95b
.dll windows:6 windows x86 arch:x86

e66d62d8d1d38995f81b50ac4950ce94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Briqs\VSU\target\briqs2\retail\i386\CAMOD.pdb

Imports

msi

ord8
ord49
ord170
ord144
ord73
ord33
ord64
ord103
ord17
ord117
ord124
ord31
ord159
ord160

kernel32

LCMapStringW
RemoveDirectoryA
DeleteFileA
CopyFileA
CreateDirectoryA
GetLastError
GetTempPathA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlUnwind
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers

Exports

Exports

CopyFileToGacSubFolder
CopyFileToGacSubFolderRollbackCommit
CopyToGACFolder

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e66d62d8d1d38995f81b50ac4950ce94

Headers

File Characteristics

PDB Paths

Imports

msi

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 8KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 8KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 5KB