bb894171229d21637bc00c3360afcbf4aa4973e1ca61f424cc15a8f26a06956b

Sharing

Copy URL

Twitter E-mail

General

Target

bb894171229d21637bc00c3360afcbf4aa4973e1ca61f424cc15a8f26a06956b
Size

372KB
MD5

6c5dcbdf374073249f3477d0fd439039
SHA1

ed2165fe0e5ed5c608230f6c125713d2a0934c28
SHA256

bb894171229d21637bc00c3360afcbf4aa4973e1ca61f424cc15a8f26a06956b
SHA512

d75b96e95f6972013c41c99cb54e892ee7f7ee54e996465d0ef2f2d21ba9941869b7b06c49bbdcf36814f19ef0105475aea99c3f49098a5f44bcb810bbf21c0f
SSDEEP

6144:MLKewcnJHLFaz1ZXmkjr7ZVyf9Mcfj0bGGCM:Dfwh6ZXmk/fcfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb894171229d21637bc00c3360afcbf4aa4973e1ca61f424cc15a8f26a06956b

Files

bb894171229d21637bc00c3360afcbf4aa4973e1ca61f424cc15a8f26a06956b
.exe windows:5 windows x86 arch:x86

bf2d799cb59ce43b83a63fa8fe6d611f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateActCtxA
HeapUnlock
GetModuleHandleA
InterlockedExchangeAdd
WaitNamedPipeW
GetLastError
GetPrivateProfileSectionW
CancelDeviceWakeupRequest
EnterCriticalSection
LocalHandle
WriteFile
SetFileShortNameW
ReadProcessMemory
OpenEventW
SetEvent
SetConsoleTextAttribute
SetConsoleTitleW
AllocConsole
LoadLibraryA
LocalAlloc
VirtualAlloc
GetFileAttributesW
GetAtomNameW
HeapAlloc
lstrcpyW
GetSystemDefaultLCID
GetConsoleAliasW
GetModuleHandleW
CreateMailslotW
GetCPInfoExA
SetEnvironmentVariableA
CommConfigDialogW
GetConsoleAliasesLengthW
DeleteTimerQueue
GetFileAttributesExW
SetCalendarInfoW
HeapLock
ReleaseMutex
WaitForSingleObject
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
HeapReAlloc
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mud
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yewiva
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.leyil
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rewi
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf2d799cb59ce43b83a63fa8fe6d611f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 106KB - Virtual size: 106KB

.data Size: 193KB - Virtual size: 758KB

.mud Size: 512B - Virtual size: 23B

.yewiva Size: 512B - Virtual size: 6B

.leyil Size: 1024B - Virtual size: 963B

.rewi Size: 512B - Virtual size: 346B

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 193KB - Virtual size: 758KB

.mud
Size: 512B - Virtual size: 23B

.yewiva
Size: 512B - Virtual size: 6B

.leyil
Size: 1024B - Virtual size: 963B

.rewi
Size: 512B - Virtual size: 346B

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 9KB - Virtual size: 9KB