00ba1b562d49b162912c6dc8948d9555

General

Target

00ba1b562d49b162912c6dc8948d9555
Size

43KB
MD5

00ba1b562d49b162912c6dc8948d9555
SHA1

6382ad06fa49c589052b10943c9ce8af206a91fb
SHA256

107cc11fd3d2dea4618c486f4dbdf1b1ca8ddcc09a126d96f868bb51a70c3f87
SHA512

0838895316e4a17683f50afa0d59486808feab8f061a55499f2b1a5d98c1fec7939e4d00be3498bda286c1f1423724d5115bafc1e6051482abccabbddaba4e0b
SSDEEP

768:3rV2SOzhYzlqnWVqB0xKTveBe6VTdTl9wg4ele0pk:3rBQh7xTveBewSr0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00ba1b562d49b162912c6dc8948d9555

Files

00ba1b562d49b162912c6dc8948d9555
.exe windows:4 windows x86 arch:x86

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FreeLibrary
lstrcpynA
DeleteFileA
GetStringTypeW
CloseHandle
GetLastError
lstrcatA
lstrlenA
GetStringTypeA
SetLastError
lstrcmpA
GetCommandLineA
GetDateFormatA
GetFileAttributesA
Sleep
HeapFree
GetModuleHandleA

user32

DrawIconEx
DialogBoxParamW
CopyIcon
AlignRects
LoadMenuA
BlockInput
CopyImage
IsMenu
GetFocus
InsertMenuA
CopyRect
DrawTextA
AppendMenuA
GetCursor
DialogBoxParamA
CloseWindow
AppendMenuW
GetMenu
DrawIcon

comctl32

ImageList_LoadImageA
ImageList_DragLeave
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_GetIcon
ImageList_AddMasked
InitCommonControls
ImageList_BeginDrag
ImageList_DrawEx
ImageList_Draw
ImageList_Replace
ImageList_GetImageRect
ImageList_Create
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_Merge

advapi32

RegReplaceKeyW
RegQueryValueExW
RegEnumKeyExA
RegLoadKeyW
RegEnumValueW
RegQueryValueA
RegDeleteValueA
RegEnumKeyW
RegLoadKeyA
RegOpenKeyA
RegCreateKeyExA
RegReplaceKeyA
RegDeleteKeyW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyW
RegFlushKey

Sections

.Vvrn
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TskbJQ
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TPNxaO
Size: 1KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ODKvx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.Vvrn Size: 10KB - Virtual size: 10KB

.TskbJQ Size: 25KB - Virtual size: 24KB

.TPNxaO Size: 1KB - Virtual size: 55KB

.ODKvx Size: 2KB - Virtual size: 2KB

.Vvrn
Size: 10KB - Virtual size: 10KB

.TskbJQ
Size: 25KB - Virtual size: 24KB

.TPNxaO
Size: 1KB - Virtual size: 55KB

.ODKvx
Size: 2KB - Virtual size: 2KB