ba1b822ff231153e410e36c720ee45f0

Sharing

Copy URL Twitter E-mail

General

Target

ba1b822ff231153e410e36c720ee45f0
Size

216KB
MD5

ba1b822ff231153e410e36c720ee45f0
SHA1

0ed98c19a1989075cfd5fa44187c152b7defdbc3
SHA256

3a15f78896003607f6a6f35cc7219a99348164abf5b38daa99ae4fd6529769c4
SHA512

c92459804d8a89fd2ad2090cbb61d819e3a753a51d491a4f647663b43c50082b28977fcb27106307339c6a3b0f7a7ea11bce46a939ab5126f3ee85b2878f1117
SSDEEP

1536:BaVUOSVzXUZQb7GLSetN2NANjmafmOfjA3WUrgJmgNotuUM:UViz8a7GX2yjDlA3WTmOotuU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba1b822ff231153e410e36c720ee45f0

Files

ba1b822ff231153e410e36c720ee45f0
.exe windows:5 windows x86 arch:x86

4664597f6037999c1a7e83f5de73de70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
LineTo
RectVisible
PatBlt
GetTextMetricsA
SetTextColor
SelectPalette
SetMapMode
GetStockObject
GetObjectA
CreateCompatibleDC
GetPixel
DeleteDC
SetStretchBltMode
CreatePen
GetClipBox
CreateSolidBrush
RestoreDC
SaveDC
CreatePalette
SetTextAlign
SetPixel
SelectObject
GetDeviceCaps
DeleteObject

kernel32

GetVersion
GetOEMCP
lstrcmpiW
GetConsoleOutputCP
GetThreadLocale
GetProcessHeap
GetDriveTypeA
GlobalFindAtomW
lstrcmpiA
GetTickCount
GetUserDefaultLangID
IsDebuggerPresent
GetCurrentProcess
SetCurrentDirectoryA
GetCurrentThreadId
GetCommandLineA
lstrcmpA
DeleteFileA
CopyFileA
GetACP
GetModuleHandleA
DeleteFileW
RemoveDirectoryW
lstrlenW
GetCurrentThread
GetWindowsDirectoryA
RemoveDirectoryA
GlobalFindAtomA
GetModuleHandleW
QueryPerformanceCounter
MulDiv
GetStartupInfoA
GetCurrentProcessId
lstrlenA
GetCommandLineW
VirtualAlloc
VirtualFree

user32

GetDesktopWindow
GetParent
GetSystemMetrics
TranslateMessage
CharNextA

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

slfytui
Size: 72KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hwjtiot
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4664597f6037999c1a7e83f5de73de70

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 44KB - Virtual size: 72KB

slfytui Size: 72KB - Virtual size: 100KB

hwjtiot Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 44KB - Virtual size: 72KB

slfytui
Size: 72KB - Virtual size: 100KB

hwjtiot
Size: - Virtual size: 4KB