8114326f5d97a91713c5ffe49374d244fe94ae59440127cacdfdbeab4b57b710N

Sharing

Copy URL Twitter E-mail

General

Target

8114326f5d97a91713c5ffe49374d244fe94ae59440127cacdfdbeab4b57b710N
Size

668KB
MD5

303b5f1cf3ee8b83cb57d9e4e59b2c00
SHA1

a8c1551c55275a1029daf1143f36e2c61d02ffc7
SHA256

8114326f5d97a91713c5ffe49374d244fe94ae59440127cacdfdbeab4b57b710
SHA512

e3738e26efb282c59965903c05ab77050aad958848af67f5ac9d449cbf4ddc6aa20b0667d1ef292fd0d9ec3769754305cae982072e4e752ff6a32d5a3f9775d6
SSDEEP

6144:7SFLf3CrvLYxxVsg2IWS/m0GONvd3MhNsJwGyRm+Bb/RvbwJuKZmsriZfnLzQmRw:cSrgVsg2IWr0KgShlvRrbfT07pz9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8114326f5d97a91713c5ffe49374d244fe94ae59440127cacdfdbeab4b57b710N

Files

8114326f5d97a91713c5ffe49374d244fe94ae59440127cacdfdbeab4b57b710N
.exe windows:4 windows x86 arch:x86

6a487a208edae7ac87fb8fdb44dbc917

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\BNS\Program\engine\External\libcef\lib\Release\BnsCefSubProcess.pdb

Imports

libcef

cef_v8value_create_object
cef_v8value_create_function
cef_string_list_free
cef_string_list_alloc
cef_execute_process
cef_api_hash
cef_process_message_create
cef_log
cef_string_list_append
cef_string_map_append
cef_string_multimap_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_list_value
cef_string_list_size
cef_string_map_free
cef_string_map_alloc
cef_string_multimap_free
cef_string_multimap_alloc
cef_string_list_copy
cef_string_userfree_utf16_free
cef_string_utf16_cmp
cef_string_utf16_set
cef_string_utf16_clear
cef_string_utf8_to_utf16

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Throw@std@@YAXABVexception@stdext@@@Z
?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_purecall
??3@YAXPAX@Z
_invalid_parameter_noinfo
__CxxFrameHandler3
??_V@YAXPAX@Z
??2@YAPAXI@Z
memset
memmove_s

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a487a208edae7ac87fb8fdb44dbc917

Headers

File Characteristics

PDB Paths

Imports

libcef

kernel32

msvcp80

msvcr80

Sections

.text Size: 144KB - Virtual size: 142KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 456KB - Virtual size: 456KB

.text
Size: 144KB - Virtual size: 142KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 456KB - Virtual size: 456KB