ba55f3463c43088cdb961e4224cbde5d611a809d0619cde08b13df0ebf9740ec

Sharing

Copy URL Twitter E-mail

General

Target

ba55f3463c43088cdb961e4224cbde5d611a809d0619cde08b13df0ebf9740ec
Size

96KB
MD5

b5891770fb3daa4701ea9abb60fecaaa
SHA1

bc1230cbd6b492890ab5699e33ee9b0d81347e6c
SHA256

ba55f3463c43088cdb961e4224cbde5d611a809d0619cde08b13df0ebf9740ec
SHA512

da8d845f6a397aa65a02c9e493ac315e8086663f1ba1024be4bba7804ae534a0ef37be99c8940592f3d8c284e8c3d47dce61e660619b19af503ce8f1bd68a5b3
SSDEEP

1536:imoT5w9xKd6gmOD75snqzJ1puFDGS0nHPownq5o9:ljuoEmiXJ9Jnq5o9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba55f3463c43088cdb961e4224cbde5d611a809d0619cde08b13df0ebf9740ec

Files

ba55f3463c43088cdb961e4224cbde5d611a809d0619cde08b13df0ebf9740ec
.exe windows:5 windows x86

2732c2208cb763008697564d4761a080

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetCurrentProcess
CloseHandle
CreateFileA
lstrcpyA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetLastError
InterlockedDecrement
GetCurrentThreadId
LocalFree
Sleep
GetProcAddress
LoadLibraryA
FreeLibrary
lstrlenA
GetTickCount
FreeEnvironmentStringsW
DeleteFileA
SetEndOfFile
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
ReadFile
ExitProcess
GetConsoleMode
GetConsoleCP
WriteFile
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
HeapFree
GetProcessHeap
InterlockedIncrement
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetACP
GetOEMCP
GetEnvironmentStringsW

user32

DefWindowProcA
PostMessageA
CreateWindowExA
DestroyWindow
TranslateMessage
RegisterClassExA
GetMessageA
wsprintfA
DispatchMessageA
PostQuitMessage

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

oleaut32

VariantClear

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2732c2208cb763008697564d4761a080

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 448B

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 448B