maggotbaits[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

maggotbaits.exe
Size

2.1MB
MD5

e8d781e73dfc5c0c10ca066e851f143f
SHA1

0a619e03bc2953fbd069b8513b107b201d30e9a7
SHA256

9ca7f5d5c96e3cbb0a508526b312cd94c2c03dc438ae52844693d53c52588360
SHA512

3a1b2d57915bd03de9aff42e653be6038ca375977fc6f7e338d525d8dc68facfb12b583429f770978bc8265294c776e34668709ec89f6fed80283f4221fe2f5b
SSDEEP

24576:uwyrakfSnKfqy5RkPClBuaCE+iWDBGgAGIj9TD2iRG5zWlUNO8y6XI6NdvldjfBx:uhxKyGQsOCVj1KGR/5CJXX/OTlRu8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
maggotbaits.exe

Files

maggotbaits.exe
.exe windows:4 windows x86 arch:x86

Password: settings.exe

71b2038c5e67f1806d2697acd5d71cf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GlobalAlloc
ResetEvent
GlobalLock
GlobalUnlock
RemoveDirectoryA
DeleteFileA
CopyFileA
CreateDirectoryA
GetModuleHandleA
GlobalMemoryStatus
GetLocalTime
FindNextFileA
GetVersionExA
GetTempFileNameA
SetThreadIdealProcessor
SetThreadPriority
GetExitCodeProcess
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
FormatMessageA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
CreateEventA
HeapAlloc
HeapFree
HeapReAlloc
SetFilePointer
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetFileType
CreateFileA
GetTimeZoneInformation
GetSystemTime
GetCurrentThreadId
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
SetStdHandle
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
WriteFile
HeapSize
SetEndOfFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetCurrentProcessId
GetProcessHeap
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
InterlockedCompareExchange
InterlockedExchange
CreateFileW
GetFileSize
OutputDebugStringA
GetStartupInfoA
CreateProcessA
FindClose
FindFirstFileA
GlobalFree
lstrcpyA
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetLastError
GetModuleFileNameA
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr

user32

CreateIconIndirect
OpenIcon
AdjustWindowRectEx
SetRect
GetWindowLongA
SetWindowLongA
RegisterClassExA
SetWindowRgn
GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
MoveWindow
DestroyIcon
PostQuitMessage
DefWindowProcA
GetWindowPlacement
SetFocus
ChangeDisplaySettingsExA
EnumDisplaySettingsA
DrawMenuBar
InsertMenuItemA
CreateMenu
DialogBoxParamA
SystemParametersInfoA
GetSystemMetrics
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
LoadCursorA
SetClassLongA
ClientToScreen
SetCursor
GetWindowTextA
DeleteMenu
GetSystemMenu
LoadIconA
GetWindowRect
CreateWindowExA
RegisterClassA
GetDC
ReleaseDC
FindWindowA
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetDlgItem
SetWindowTextA
SetWindowPos
EndDialog
GetKeyboardState
SetKeyboardState
GetCursorPos
ScreenToClient
PostMessageA
ShowWindow
GetSubMenu
TrackPopupMenu
RedrawWindow
MessageBoxA
IsIconic
SendMessageA
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetClientRect
EnumWindows
UpdateWindow
ChangeDisplaySettingsA

gdi32

SelectObject
TextOutA
CreateCompatibleDC
CreateFontIndirectA
SetBkMode
SetTextColor
CreateBitmap
ExtCreateRegion
GetDIBits
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
SetStretchBltMode
StretchDIBits
CreateDIBSection
EnumFontFamiliesExA

shell32

DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
FindExecutableA
ShellExecuteExA
SHGetSpecialFolderPathA
DragFinish

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

ole32

CoUninitialize
CoInitialize
CoCreateInstance

winmm

waveInGetNumDevs
waveOutGetDevCapsA
timeGetTime
joyGetPosEx
waveInGetDevCapsA
timeEndPeriod
mmioStringToFOURCCA
mmioOpenA
waveOutGetNumDevs
mciSendCommandA
timeGetDevCaps
timeBeginPeriod
joyGetNumDevs
mciSendStringA
mmioClose
mmioAscend
mmioDescend
mmioRead

msacm32

acmFormatSuggest
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmStreamOpen

imm32

ImmAssociateContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: settings.exe

71b2038c5e67f1806d2697acd5d71cf3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

winmm

msacm32

imm32

version

d3d9

dsound

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 117KB - Virtual size: 2.3MB

_RDATA Size: 25KB - Virtual size: 24KB

.data1 Size: 512B - Virtual size: 224B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 282KB - Virtual size: 281KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 117KB - Virtual size: 2.3MB

_RDATA
Size: 25KB - Virtual size: 24KB

.data1
Size: 512B - Virtual size: 224B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 282KB - Virtual size: 281KB