167c3a8a225760b5855031bba7235e7148aad6220d054b246a1d42d42267d9e2

Sharing

Copy URL

Twitter E-mail

General

Target

167c3a8a225760b5855031bba7235e7148aad6220d054b246a1d42d42267d9e2
Size

477KB
MD5

5b93d42d64486b3abc36f7085e2d6c67
SHA1

89c9258f7f7918ab52928c2bcc3936518e69576e
SHA256

167c3a8a225760b5855031bba7235e7148aad6220d054b246a1d42d42267d9e2
SHA512

3d3654be751d1690805910627963d0636efd315f59596beb890403b7c004c94d3ecd8fde9b57e266cc9d24098b94df417c3607cb9d5dafc4e0f40738d4eb2511
SSDEEP

12288:Nm6sXfct9lIRDC3vmk7nWOWO8AYOB5vbsv98qP2Xo+:NmbXfy9uRQWOWO8GBZa98quY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BTC_generator/btcgenerator.exe

Files

167c3a8a225760b5855031bba7235e7148aad6220d054b246a1d42d42267d9e2
.zip

Password: 2023
BTC_generator/btcgenerator.exe
.exe windows:6 windows x86 arch:x86

Password: 2023

6addd02d82538c2ca23958c8c292883b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateThread
VirtualAllocEx
FreeConsole
RaiseException
InitOnceBeginInitialize
InitOnceComplete
CloseHandle
GetCurrentThreadId
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetLastError
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
QueryPerformanceCounter
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStringTypeW
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
InitializeSListHead
CreateFileW
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zzz
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

6addd02d82538c2ca23958c8c292883b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 121KB - Virtual size: 120KB

.zzz Size: 2KB - Virtual size: 1KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 303KB - Virtual size: 307KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 120KB

.zzz
Size: 2KB - Virtual size: 1KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 303KB - Virtual size: 307KB

.reloc
Size: 8KB - Virtual size: 7KB