bbb74599b7acec4bc5de2e52689133a0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

bbb74599b7acec4bc5de2e52689133a0N.exe
Size

658KB
MD5

bbb74599b7acec4bc5de2e52689133a0
SHA1

1c09f58515303484ed0df208f99297d13e276108
SHA256

84857d9ed74d0be2ca0c9718274bd9ecc7109c68c2503db5df6f9ff07348df15
SHA512

490df038f4f666f8f14a92aad798e7dd98b74b18d0778d92db3fd9a0468992f20a8348149e512e7f123b83c4aafc955af81e82dc9a71581901c1445d25ce7c27
SSDEEP

12288:GlajmOlMGN5TY/2aTZyw2CqPruYE87kfq9X9UsGjz11gKYYmwQBrdbbbbVHyqtTq:SJeMb2aTZyfC8n79Lbbbb3tTJwNCFV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbb74599b7acec4bc5de2e52689133a0N.exe

Files

bbb74599b7acec4bc5de2e52689133a0N.exe
.exe windows:5 windows x86 arch:x86

c9423b2c083355043bd922ba44226f9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrFormatByteSizeW
SHAutoComplete
PathRenameExtensionW
PathRemoveFileSpecW
PathCombineW

kernel32

ReleaseMutex
GetSystemTimeAsFileTime
Sleep
GetShortPathNameA
SetEvent
SearchPathA
TerminateThread
CreateThread
SetLastError
GetCurrentDirectoryW
MulDiv
lstrcpyW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpynW
WideCharToMultiByte
LockResource
FindResourceExW
lstrcmpW
FindFirstFileExW
FindClose
FindNextFileW
FindFirstFileW
lstrcatW
CloseHandle
lstrlenA
WriteFile
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileW
GetFileAttributesW
ExpandEnvironmentStringsA
LoadLibraryA
CreateFileA
SetEnvironmentVariableA
CompareStringW
SetStdHandle
FlushFileBuffers
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetCurrentProcessId
WaitForSingleObject
QueryPerformanceCounter
GetModuleHandleW
FreeEnvironmentStringsW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
GetStdHandle
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
ExitProcess
DeleteFileA
DecodePointer
EncodePointer
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
CreateMutexW
CreateEventW
GetCurrentProcess
FlushInstructionCache
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
LoadLibraryW
lstrcmpiW
FreeLibrary
InterlockedDecrement
GetTickCount
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcAddress
lstrlenW
GetCurrentThreadId
GetEnvironmentStringsW
DeleteCriticalSection
GetConsoleCP
LCMapStringW
WriteConsoleW
SetEndOfFile
ReadFile
InterlockedCompareExchange

user32

GetWindow
MonitorFromWindow
GetMonitorInfoW
LoadIconW
GetDlgCtrlID
SetDlgItemTextW
GetWindowTextW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxW
MapWindowPoints
LoadImageW
GetDesktopWindow
GetSysColorBrush
GetSysColor
FillRect
CallWindowProcW
EnableWindow
InvalidateRect
GetClientRect
GetDialogBaseUnits
RegisterWindowMessageW
LoadCursorW
SetCursor
PostMessageW
ReleaseDC
GetDlgItem
GetParent
SendMessageW
GetWindowTextLengthW
SetWindowTextW
GetActiveWindow
SetWindowPos
AdjustWindowRect
GetWindowRect
GetDC
SetWindowLongW
GetMessageW
DispatchMessageW
GetWindowLongW
PeekMessageW
TrackMouseEvent
ShowCursor
ShowWindow
ChangeDisplaySettingsW
CreateWindowExA
SetForegroundWindow
EnumDisplaySettingsW
DefWindowProcW
DestroyWindow
CharNextW
SetFocus
UnregisterClassA

gdi32

Polygon
CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateFontIndirectW
DeleteObject
SetDIBitsToDevice
GetObjectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExA
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyExA

shell32

Shell_NotifyIconW
SHGetSpecialFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

OleUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
OleInitialize

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr

comctl32

PropertySheetW
DestroyPropertySheetPage
InitCommonControlsEx
CreatePropertySheetPageW

Sections

.text
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9423b2c083355043bd922ba44226f9d

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 255KB - Virtual size: 254KB

.rdata Size: 286KB - Virtual size: 286KB

.data Size: 23KB - Virtual size: 31KB

.rsrc Size: 75KB - Virtual size: 75KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 255KB - Virtual size: 254KB

.rdata
Size: 286KB - Virtual size: 286KB

.data
Size: 23KB - Virtual size: 31KB

.rsrc
Size: 75KB - Virtual size: 75KB

.reloc
Size: 17KB - Virtual size: 17KB