91b115c3baa17873cc27b0b695d0095eee60055ea38ea3e03948ab08f0165520

Sharing

Copy URL Twitter E-mail

General

Target

91b115c3baa17873cc27b0b695d0095eee60055ea38ea3e03948ab08f0165520
Size

11.7MB
MD5

22d2e4e73fe14fd3625d92ffb1ed94d1
SHA1

76e45937b661c3a4866a0f1bc510a357940e7006
SHA256

91b115c3baa17873cc27b0b695d0095eee60055ea38ea3e03948ab08f0165520
SHA512

cb4a9e4fc8cb9f6cf418a142c0eea28a37f251a6a5f0954fa9ec3f71694d821516284b5f7ca4b417e77579259242deef8e7779aba2879895222a86dd726e71f2
SSDEEP

196608:WZ3BoJpAP6p7WOAJpJMEeG/RBbDEG7WPJ39rqGsFbO31uPylfjhTBX:Wo+6p7WOspJMx0xV7yrqGsdO31uPylfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91b115c3baa17873cc27b0b695d0095eee60055ea38ea3e03948ab08f0165520

Files

91b115c3baa17873cc27b0b695d0095eee60055ea38ea3e03948ab08f0165520
.exe windows:6 windows x86 arch:x86

6b59f2957dbfeb49dd8b068d74bcc8d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\win10\AppData\Local\Temp\Y\B3\debug\win32\debuger\B4.pdb

Imports

kernel32

GetVersionExW
QueryPerformanceCounter
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

LoadAcceleratorsW

gdi32

CreateCompatibleBitmap

advapi32

LookupPrivilegeValueW

shell32

SHGetMalloc

ole32

WriteClassStg

oleaut32

SafeArrayDestroyDescriptor

comctl32

ImageList_Create

msimg32

AlphaBlend

shlwapi

PathFindFileNameW

uxtheme

DrawThemeBackground

oledlg

OleUIConvertW

gdiplus

GdipGetImagePixelFormat

ws2_32

WSACleanup

oleacc

AccessibleObjectFromWindow

imm32

ImmGetOpenStatus

winmm

PlaySoundW

winspool.drv

DocumentPropertiesW

Exports

Exports

?get_active_implementation@simdutf@@YAAAV?$atomic_ptr@$$CBVimplementation@simdutf@@@internal@1@XZ
?get_available_implementations@simdutf@@YAABVavailable_implementation_list@internal@1@XZ

Sections

.text
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b4cr10
Size: - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b4cr11
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b59f2957dbfeb49dd8b068d74bcc8d0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

shlwapi

uxtheme

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

winspool.drv

Exports

Exports

Sections

.text Size: - Virtual size: 5.9MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: - Virtual size: 66KB

.b4cr10 Size: - Virtual size: 9.6MB

.b4cr11 Size: 10.3MB - Virtual size: 10.3MB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: - Virtual size: 5.9MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: - Virtual size: 66KB

.b4cr10
Size: - Virtual size: 9.6MB

.b4cr11
Size: 10.3MB - Virtual size: 10.3MB

.rsrc
Size: 6KB - Virtual size: 5KB