Static task: static1
Behavioral task: behavioral1
  Sample: baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f.exe
  Resource: win10v2004-20231020-en
General
  Target: baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f
  Size: 4.7MB
  MD5: 07d5824548ff36c138ad6039c6469737
  SHA1: b3ef192065cd6d8e6caab1b4fa383fd5888cb6f1
  SHA256: baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f
  SHA512: 8fb0b036b2391d5786724cdad4a956225fd3e555c42f07cbd69ef53ccf0cbdd6d4707ce87f983bcf32ec7b30f7547816be97c2c538e7baad1acc2a52020da9a7
  SSDEEP: 49152:wke2Qw/8Gn9IHCQUWnghZMSIX5Q6HkDRMj6DM/3WMyjJoXJ7nTQkSUnrP1a1tD04:wke2Qs8h5Qt7ZMyknTQkSUu0Sq
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f
Files
  baccc9ab4433c502f4b83bb70af2786f097be4b69526f70e4446cdfaf303628f.exe  windows:5  windows x64  arch:x64
  4f714d43441a22aa806e134075be5aee
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msacm32
acmStreamPrepareHeader
acmStreamConvert
acmStreamClose
acmStreamOpen
winmm
waveOutPause
waveOutReset
PlaySoundA
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
kernel32
ReadConsoleW
SetFilePointerEx
GetStartupInfoW
GetTimeZoneInformation
GetConsoleCP
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventW
TerminateProcess
CreateThread
FatalAppExitA
SetConsoleCtrlHandler
IsValidCodePage
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
CreateFileW
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
GetSystemInfo
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineA
AreFileApisANSI
FindClose
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetConsoleMode
LocalLock
FindResourceExW
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
GetWindowsDirectoryA
lstrcpyA
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetACP
GlobalFlags
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
SetStdHandle
HeapQueryInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SetErrorMode
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetCurrentProcessId
WritePrivateProfileStringA
LocalUnlock
ExitThread
CopyFileW
GetTempPathW
DeleteFileW
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
GetVersionExA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FreeLibrary
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetStringTypeExA
GetThreadLocale
MultiByteToWideChar
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetVolumeInformationA
MoveFileA
LoadLibraryW
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetProcAddress
GetModuleHandleExW
GetModuleHandleA
GetModuleFileNameW
GetCurrentProcess
SetLastError
DuplicateHandle
CloseHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetTempPathA
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetLastError
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
LockResource
Sleep
FindFirstFileA
DeleteFileA
CreateSemaphoreW
user32
GetUpdateRect
SubtractRect
SendNotifyMessageA
InSendMessage
CreateMenu
DestroyCursor
GetWindowRgn
WindowFromDC
GetTabbedTextExtentA
GetTabbedTextExtentW
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
DrawIconEx
LoadImageA
SetRectEmpty
DrawFocusRect
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
WindowFromPoint
DestroyIcon
InvalidateRect
DeleteMenu
GetDialogBaseUnits
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
FillRect
ClientToScreen
EndPaint
BeginPaint
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapVirtualKeyA
GetKeyNameTextA
TranslateMessage
IsClipboardFormatAvailable
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
EqualRect
GetSysColor
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetScrollPos
SetScrollPos
KillTimer
WaitMessage
PeekMessageA
DispatchMessageA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
IsDialogMessageA
GetWindow
GetParent
SetWindowLongA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetDCEx
EnumChildWindows
FrameRect
CharUpperBuffA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongPtrA
LockWindowUpdate
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetMessageA
SetParent
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
UnhookWindowsHookEx
CharUpperA
UnregisterClassW
UnregisterClassA
GetIconInfo
LoadIconW
LoadCursorA
CopyRect
ReleaseDC
GetDC
DrawIcon
AppendMenuA
GetSubMenu
GetSystemMenu
LoadMenuW
GetSystemMetrics
IsIconic
GetDesktopWindow
OffsetRect
SetCursor
GetWindowRect
GetClientRect
RedrawWindow
SetTimer
SetCapture
GetKeyState
EnableWindow
SendMessageA
LoadCursorW
PtInRect
ScreenToClient
GetCursorPos
ReleaseCapture
PostMessageA
MessageBoxW
GetWindowDC
gdi32
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
SetGraphicsMode
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
SetTextAlign
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
GetCharWidthA
GetCurrentObject
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SetMapperFlags
SetBkMode
SelectPalette
SetTextCharacterExtra
SetStretchBltMode
CreateCompatibleBitmap
SetWinMetaFileBits
ExtTextOutW
SetEnhMetaFileBits
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
DeleteEnhMetaFile
SetROP2
SetPolyFillMode
GetLayout
SetLayout
StretchBlt
StretchDIBits
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
BitBlt
PatBlt
CreateRectRgnIndirect
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
SelectObject
GetTextExtentPoint32A
GetDIBits
GetBitmapBits
CreateFontA
CreateCompatibleDC
SetMapMode
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesA
GetJobA
OpenPrinterA
advapi32
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
GetFileSecurityA
shell32
SHBrowseForFolderA
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteExA
SHAppBarMessage
ShellExecuteA
SHGetMalloc
DragFinish
DragQueryFileA
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
StrFormatKBSizeA
uxtheme
GetThemeSysColor
GetThemePartSize
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
ole32
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
DoDragDrop
OleSetMenuDescriptor
CreateBindCtx
ReadClassStg
WriteClassStg
WriteFmtUserTypeStg
ReadFmtUserTypeStg
OleDuplicateData
ReleaseStgMedium
OleRegGetUserType
SetConvertStg
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoInitialize
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateOleAdviseHolder
CreateDataAdviseHolder
GetRunningObjectTable
CoGetMalloc
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleRegEnumVerbs
OleRegGetMiscStatus
PropVariantCopy
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
CoRegisterMessageFilter
oleaut32
SysFreeString
SysAllocString
OleCreateFontIndirect
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysStringLen
oledlg
ord8
ws2_32
WSACleanup
accept
bind
closesocket
connect
getpeername
getsockname
htonl
htons
inet_addr
inet_ntoa
ntohs
recv
recvfrom
select
send
sendto
socket
gethostbyname
WSAStartup
WSASetLastError
WSAAsyncSelect
WSAGetLastError
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreateBitmapFromFileICM
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipSetInterpolationMode
GdipDrawImageRectI
GdipRemovePropertyItem
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAlloc
GdipSaveImageToFile
Sections
  .text   Size: 3.2MB  Virtual size: 3.2MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 1.2MB  Virtual size: 1.2MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 50KB   Virtual size: 232KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .pdata  Size: 183KB  Virtual size: 182KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .rsrc   Size: 33KB   Virtual size: 33KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ