b34c4073fa2f7ec4abff2e0c0ddbd5b10c954264a66c2005edd63afc978edd0f

Sharing

Copy URL Twitter E-mail

General

Target

b34c4073fa2f7ec4abff2e0c0ddbd5b10c954264a66c2005edd63afc978edd0f
Size

994KB
MD5

4fccbaf56761985a6611bcfe52a36826
SHA1

06c0d5ac6c2a82b3c9c4f10447d936fa6430470c
SHA256

b34c4073fa2f7ec4abff2e0c0ddbd5b10c954264a66c2005edd63afc978edd0f
SHA512

d0da31bd257ea3d2e017ce4b53e8d8757c4ee2604ae07a66c1bf960b361ef6db505251e9d378b6ddbf338e22165e2adf6cebefd3350377b43de6bf78ea1cb15c
SSDEEP

24576:zsujM/r1hk9MOgvGksDXUYG1tf0fWmrsbbL1P/Zre4RvxJE1bUUwN:rjcr1hk9MOgvGUIsbBzvxGCUwN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b34c4073fa2f7ec4abff2e0c0ddbd5b10c954264a66c2005edd63afc978edd0f

Files

b34c4073fa2f7ec4abff2e0c0ddbd5b10c954264a66c2005edd63afc978edd0f
.exe windows:6 windows x86 arch:x86

fe5d42d0302ebb7553fae865f3da29c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dev\bld\sotr\release\149\osf\SC_Client\src\build\bin\smrtbund\Win32\Release\scbbund.pdb

Imports

kernel32

GetLastError
DeleteFileA
HeapReAlloc
RaiseException
HeapAlloc
GetLocalTime
DecodePointer
HeapDestroy
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
CreateHardLinkA
ReadFile
GetModuleFileNameA
GetFileSizeEx
GetModuleFileNameW
CreateMutexA
MultiByteToWideChar
Sleep
GetFileInformationByHandle
CopyFileA
GetFileAttributesA
MoveFileExA
CreateFileA
CloseHandle
LoadLibraryW
GetProcAddress
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetVolumePathNameA
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetTempPathA
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
LoadLibraryA
WaitForSingleObjectEx
DeleteFileW
GetSystemInfo
HeapCompact
UnlockFile
LocalFree
LockFileEx
GetFileSize
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
SetStdHandle
HeapSize
FindClose
InitializeCriticalSectionEx
InitializeCriticalSection
LeaveCriticalSection
FindNextFileA
EnterCriticalSection
HeapFree
FindFirstFileA
LockFile
GetFileAttributesExA
SetEnvironmentVariableW
FreeEnvironmentStringsW
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetStdHandle
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP
GetConsoleMode
GetFileType
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
WriteConsoleW

advapi32

RegCloseKey
CryptAcquireContextW
CryptCreateHash
CryptHashData
RegSetValueExW
CryptDestroyHash
RegOpenKeyExW
CryptGetHashParam
RegQueryValueExW
CryptReleaseContext

shlwapi

PathFileExistsA

Sections

.text
Size: 844KB - Virtual size: 843KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe5d42d0302ebb7553fae865f3da29c0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shlwapi

Sections

.text Size: 844KB - Virtual size: 843KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 9KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 844KB - Virtual size: 843KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 9KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 25KB - Virtual size: 24KB