bbec6245f3327c69a9dfccd62af3fd52c93534759568276f39e6e860b1d28a1c

Sharing

Copy URL

Twitter E-mail

General

Target

bbec6245f3327c69a9dfccd62af3fd52c93534759568276f39e6e860b1d28a1c
Size

202KB
MD5

5b6c8154297391010bf1bc2842d079fd
SHA1

c2c42f7b8f3913d238f258ba905944e9dcbbe9de
SHA256

bbec6245f3327c69a9dfccd62af3fd52c93534759568276f39e6e860b1d28a1c
SHA512

c51b952a9783d88c833969cbae0414b689aeb8dac97949ee12f51d0306ad921ca0115104e9dfd21f4839c088689b0b5e8f6d77b82f676d3f08bbb0684583c47e
SSDEEP

6144:c6thzyoiegFZ5gXU1qNpRT3VAjoLd/xq:c6thzyoVmZ51M3V8oxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbec6245f3327c69a9dfccd62af3fd52c93534759568276f39e6e860b1d28a1c

Files

bbec6245f3327c69a9dfccd62af3fd52c93534759568276f39e6e860b1d28a1c
.exe windows:6 windows x86 arch:x86

fee8b554d21da9560d98f50aff6e6ca7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\develope\dvdcore\Release\spumux.pdb

Imports

kernel32

lstrlenW
CreateFileW
GetLastError
WriteFile
ReadFile
CloseHandle
FindClose
SetFilePointerEx
DeleteFileW
RaiseException
InitializeCriticalSectionEx
DeleteCriticalSection
DecodePointer
lstrcmpiW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
MapViewOfFileEx
lstrcmpW
GetTickCount
GetCurrentProcess
GetCurrentThread
GetModuleFileNameW
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
SetUnhandledExceptionFilter
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
WriteConsoleW
GetFileSizeEx
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileType
GetCommandLineW
GetCommandLineA
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
CreateEventW
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
RtlUnwind
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OutputDebugStringW

ole32

CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString
SysFreeString

gdiplus

GdipResetWorldTransform
GdipScaleMatrix
GdipCreateMatrix
GdipSetTextRenderingHint
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateFontFamilyFromName
GdipMeasureString
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdiplusStartup
GdipSetWorldTransform
GdipDrawString
GdipDeleteFontFamily

ws2_32

ntohs
htonl
htons
ntohl

psapi

GetMappedFileNameW
GetProcessMemoryInfo

dbghelp

StackWalk
SymGetModuleBase
SymFunctionTableAccess
SymFromAddr
SymGetLineFromAddr
MiniDumpWriteDump

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fee8b554d21da9560d98f50aff6e6ca7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

oleaut32

gdiplus

ws2_32

psapi

dbghelp

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 7KB