41126c5b9b2bb18d4d934e7c8937780e878c1b3bf2055797b69ad2c3ad01e853N

Sharing

Copy URL Twitter E-mail

General

Target

41126c5b9b2bb18d4d934e7c8937780e878c1b3bf2055797b69ad2c3ad01e853N
Size

156KB
MD5

e59f4030059558c225a4ee349f9ab270
SHA1

bd150db21d92e42688e6d40f9332a92d8a37c454
SHA256

41126c5b9b2bb18d4d934e7c8937780e878c1b3bf2055797b69ad2c3ad01e853
SHA512

9eedd0de29dc5a05156e48604cd2f9258e55103d9ba5463868376dcad6fd8863dc95cd75ac0534a9736c3e5b7569b23d3ffa2dc822fd0fa088b0cf5facf63f29
SSDEEP

3072:I137Rriyqipb+S5j9w7QXdJNlueAuwLeu+rSfva4SX6JE:IjFq0b+69w7QXdJGDKu6WpSX6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41126c5b9b2bb18d4d934e7c8937780e878c1b3bf2055797b69ad2c3ad01e853N

Files

41126c5b9b2bb18d4d934e7c8937780e878c1b3bf2055797b69ad2c3ad01e853N
.exe windows:4 windows x86 arch:x86

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files\Beqire.pdb

Imports

user32

AppendMenuA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
SetForegroundWindow
CheckRadioButton
SendDlgItemMessageA
IsClipboardFormatAvailable
SendMessageA
DestroyWindow
SetClipboardData
GetClientRect
GetWindowThreadProcessId
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
IsDialogMessageA
GetActiveWindow
SystemParametersInfoA
GetWindowRect
DialogBoxIndirectParamA
CreatePopupMenu
GetSysColorBrush
DispatchMessageA
GetForegroundWindow
CreateDialogIndirectParamA

gdi32

RestoreDC
SaveDC
ExtTextOutA
CreateFontIndirectA
StartDocA
StartPage
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
SelectObject
Rectangle

winspool.drv

SetFormA
ScheduleJob
ResetPrinterA
OpenPrinterA
GetPrintProcessorDirectoryA
GetJobA
EnumPrinterDriversA
EnumPrinterDataA
EnumPrinterDataExA
DeletePrinter
DeletePrintProvidorA
DeletePrintProcessorA
DeletePortA

mprapi

MprAdminInterfaceConnect
MprInfoCreate
MprInfoBlockSet
MprInfoBlockRemove
MprInfoBlockQuerySize
MprInfoBlockFind
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminMIBEntryCreate
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceTransportAdd
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials

odbc32

ord154
ord58
ord59
ord72
ord24
ord26
ord28
ord135
ord136
ord37
ord138
ord139
ord173
ord74

kernel32

SetConsoleCtrlHandler
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
QueryPerformanceCounter
IsBadReadPtr
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
VerLanguageNameA
SetTapePosition
RemoveDirectoryA
GetCurrentThreadId
SetFileAttributesA
CreateProcessA
GetProcAddress

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

winspool.drv

mprapi

odbc32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 64KB - Virtual size: 721KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 64KB - Virtual size: 721KB

.reloc
Size: 8KB - Virtual size: 5KB