ba61ab73a33457b7d6283faa60eaeb84

Sharing

Copy URL

Twitter E-mail

General

Target

ba61ab73a33457b7d6283faa60eaeb84
Size

64KB
MD5

ba61ab73a33457b7d6283faa60eaeb84
SHA1

59334e55181f5ffa9e2e8f35af13c57329c9fb6d
SHA256

18b46fda34f13aea0f58b3ce68390036e924ffdaca386e8e62d61c0f053f2b17
SHA512

0fbfbedd2e45e25028d94b884f93aad10fcca2e8aa8131bdc2c12fb138cdb68ef7b132a9ab444d93a476183dedd492ae3f6941d0bc74b80b8543ddb5ae166fc1
SSDEEP

1536:CHLmN+VqHbYKe4daVLUoPib5uBqTY/8A:iLnqHkKe4daVLUyUuN0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba61ab73a33457b7d6283faa60eaeb84

Files

ba61ab73a33457b7d6283faa60eaeb84
.dll windows:4 windows x86 arch:x86

051d2f1f39bb70a7464dd28b45129fcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFileTimeToFileTime
SetFileTime
SetFilePointer
WriteFile
ReadFile
CreateFileA
SizeofResource
LockResource
FreeResource
GetTempPathA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
FreeLibrary
GetVersionExA
TerminateThread
ResetEvent
CreateThread
SetCurrentDirectoryA
CreateEventA
SetEvent
CreateMutexA
FindResourceA
LoadResource
GetCommandLineA
GetStartupInfoA
GetProcAddress
IsDBCSLeadByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindClose
GetModuleFileNameA
GetWindowsDirectoryA
DosDateTimeToFileTime
_lopen
_llseek
_lclose
FindFirstFileA
lstrcmpA
SetFileAttributesA
DeleteFileA
FindNextFileA
lstrcpyA
RemoveDirectoryA
GetSystemDirectoryA
GetShortPathNameA
lstrcatA
lstrcmpiA
lstrlenA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileAttributesA
LocalFree
CloseHandle
LoadLibraryA
GetCurrentProcess
GetLastError
LocalAlloc
ExitThread
HeapAlloc
GetProcessHeap
HeapFree
QueryPerformanceFrequency
GetTimeZoneInformation
SetThreadPriority
MoveFileWithProgressA
FindAtomA
IsValidLanguageGroup
GetTempFileNameA
GetSystemInfo
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetCurrentDirectoryA
LoadLibraryExA
GetModuleHandleA
CreateDirectoryA
ExpandEnvironmentStringsA
FormatMessageA
EnumResourceLanguagesA
MulDiv
GetDiskFreeSpaceA
Beep
WritePrivateProfileStringA
ExitProcess

user32

GetDesktopWindow
EnableWindow
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
GetDlgItem
CallWindowProcA
GetWindowLongA
wsprintfA
SetWindowLongA
CharPrevA
CharUpperA
CharNextA
ExitWindowsEx
DispatchMessageA
LoadStringA
PeekMessageA
MessageBoxA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
ShowWindow
DialogBoxIndirectParamA
SetDlgItemTextA
MessageBeep
SendMessageA
GetDlgItemTextA
MsgWaitForMultipleObjects
GetSystemMetrics
EndDialog

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
FreeSid
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
EqualSid
AllocateAndInitializeSid
RegCloseKey

gdi32

GetDeviceCaps

Exports

Exports

bpttvrqel

Sections

.code_1
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

051d2f1f39bb70a7464dd28b45129fcd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Exports

Exports

Sections

.code_1 Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 636B

.code_1
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 636B