baa14892eaaa0ef610fb3c1349529d61

Sharing

Copy URL

Twitter E-mail

General

Target

baa14892eaaa0ef610fb3c1349529d61
Size

33KB
MD5

baa14892eaaa0ef610fb3c1349529d61
SHA1

53b7eb9c9b6f40d9f3b3bd65f8d6213164645f14
SHA256

8d8a2f05c6cd7cf8887f7f434eedc5cf9338afd5bf40eaf321f1575ef9a86cd8
SHA512

b0b9d0ae1a6990c320f42ea5536e8b867cd80b1ddaf59efda357662cd753278d28addc768fbfca034555cea4c85dbb1f7f215af656d60da66d3ca6e5eaabfd55
SSDEEP

768:7ttttttttttMlryFstI/1qwya/HB5Jbn6ioaORAgpm/K4SbtkpDzNp/:INU4Ja/h5JbXORmSbtkND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baa14892eaaa0ef610fb3c1349529d61

Files

baa14892eaaa0ef610fb3c1349529d61
.exe windows:4 windows x86 arch:x86

b1b5b590ed7795d36ad1117ab71181d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamRemoveMultipleMembersFromAlias
SamConnectWithCreds

kernel32

TlsSetValue
GetStartupInfoA
GetVersionExA
GetModuleFileNameW
CreateSemaphoreA
GetTempFileNameA
DuplicateHandle
_lread
ExitProcess
SizeofResource
lstrcmpiA
WaitForSingleObject
GlobalDeleteAtom
UnhandledExceptionFilter
SetStdHandle
GetSystemTime
CreateFileA
GetLocaleInfoA
lstrcpyA
FreeEnvironmentStringsW
LoadLibraryExA
FindFirstFileA
LockResource
SetCurrentDirectoryA
InterlockedIncrement
HeapDestroy
LeaveCriticalSection
GetDateFormatA
ReleaseSemaphore
GlobalUnlock
HeapAlloc
LCMapStringW
FormatMessageA
ReadFile
DeleteCriticalSection
ExitThread
lstrcatA
FindResourceA
FileTimeToLocalFileTime
GlobalSize
GetCPInfo
LCMapStringA
DeleteFileA
SetFilePointer
CreateThread
GetCurrentThreadId
GetOEMCP
LoadResource
GetModuleFileNameA
GetProfileStringA
SetFileAttributesA
_lwrite
InterlockedDecrement
TlsGetValue
CloseHandle
FlushInstructionCache
OpenProcess
lstrlenA
VirtualProtect
GetSystemDefaultLCID
MulDiv
FreeResource
GetStringTypeW
lstrcpynA
FindClose
_lclose
SetFileTime
GlobalAlloc
SearchPathA
GetTempPathA
WriteFile
SetEndOfFile
GetFileTime
GetSystemDirectoryA
FlushFileBuffers
GetFullPathNameA
GetEnvironmentStringsW
GetLastError
GlobalFree
GetCommandLineA
CreateEventA
Sleep
SetEnvironmentVariableA
GetACP
VirtualAlloc
IsBadCodePtr
GetStringTypeExA
GetVersion
RaiseException
GetCurrentProcess
GetStringTypeA
HeapFree
GetTimeZoneInformation
WideCharToMultiByte
GlobalHandle
SetLocalTime
TerminateProcess
GlobalReAlloc
EnterCriticalSection
GetSystemDefaultLangID
GetFileAttributesA
GlobalLock
RemoveDirectoryA
IsBadReadPtr
LockFile
GlobalAddAtomA
GetFileType
HeapCreate
HeapSize
SetEvent
SetHandleCount
CompareStringW
CreateDirectoryA
GetEnvironmentStrings
VirtualFree
LoadLibraryA
FindNextFileA
HeapReAlloc
SystemTimeToFileTime
ResetEvent
GetModuleHandleA
IsDBCSLeadByte
SetLastError
RtlUnwind
CompareStringA
GetLocalTime
SetErrorMode
FreeLibrary
WinExec
InitializeCriticalSection
GetProcAddress
GetTickCount
MoveFileA
CreateProcessW
FormatMessageW
GetCurrentProcessId
GetExitCodeProcess
lstrcmpA
TlsFree
FreeEnvironmentStringsA
CreateProcessA
VirtualQuery
GetSystemInfo
GetStdHandle
GetUserDefaultLangID
GetWindowsDirectoryA
GetDriveTypeA
MultiByteToWideChar
TlsAlloc
GetUserDefaultLCID
GetVolumeInformationA
lstrcmpiW
UnlockFile
_llseek
FileTimeToSystemTime
GetShortPathNameA
GetCurrentDirectoryA

advapi32

LookupPrivilegeValueA
ReportEventA
RegCloseKey
RegEnumKeyW
RegEnumValueW
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegDeleteValueW
RegOpenKeyExA
DeregisterEventSource
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegEnumValueA
RegCreateKeyA
AdjustTokenPrivileges
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyW
RegisterEventSourceA
RegSetValueA
InitializeSecurityDescriptor
RegQueryValueExA
RegQueryValueA
OpenProcessToken
RegCreateKeyW
RegSetValueExA

user32

DdeInitializeA
MessageBoxIndirectA
EqualRect
IsDialogMessageA
FillRect
EndDialog
AttachThreadInput
SetWindowRgn
CharToOemA
RegisterClipboardFormatA
DdePostAdvise
CopyRect
WindowFromPoint
EmptyClipboard
CreateDialogParamA
DdeQueryConvInfo
GetWindowTextLengthA
DdeGetData
SendDlgItemMessageA
DdeCmpStringHandles
SetPropA
DestroyWindow
SetActiveWindow
GetClassNameA
GetDCEx
DefWindowProcA
AppendMenuA
GetFocus
EnumClipboardFormats
DdeConnect
PostQuitMessage
GetClassInfoA
ToAscii
DrawFrameControl
EnumThreadWindows
SetTimer
MessageBeep
ClipCursor
KillTimer
UnregisterClassA
BeginPaint
CopyAcceleratorTableA
CharNextA
GetCursor
GetLastActivePopup
RegisterClassA
GetQueueStatus
WaitForInputIdle
LoadCursorA
CreateCaret
DialogBoxParamA
OpenClipboard
SetCursor
GetWindowTextA
GetClassInfoExA
GetCaretBlinkTime
DestroyAcceleratorTable
CallNextHookEx
GetKeyState
DrawFocusRect
IsWindowVisible
DefFrameProcA
DdeClientTransaction
CharUpperBuffA
GetWindowDC
SetKeyboardState
GetWindowThreadProcessId
GetWindowRect
GetCursorPos
EnableMenuItem
DefMDIChildProcA
DrawMenuBar
SetWindowTextA
IsWindow
CallWindowProcA
FindWindowA
InvalidateRect
ModifyMenuA
ClientToScreen
SetParent
GetSystemMenu
DdeCreateDataHandle
RemoveMenu
SetScrollPos
SetForegroundWindow
CharLowerA
GetKeyboardLayout
GetMenuStringA
SetMenu
IsRectEmpty
DeleteMenu
CharPrevA
SetWindowsHookExA
GetWindowLongA
SetScrollInfo
SetWindowsHookExW
GetMessagePos
WinHelpA
VkKeyScanW
GetMenuItemCount
GetMenuItemID
DdeFreeStringHandle
GetDesktopWindow
keybd_event
SetCaretPos
GetCaretPos
SetRect
GetCapture
SetWindowLongA
RegisterClassExA
PostMessageA
DestroyIcon
DdeUninitialize
CreateWindowExA
CharLowerBuffW
GetScrollInfo
SetWindowPos
SetScrollRange
ShowWindow
GetActiveWindow
GetMenu
GetWindow
CreateIcon
GetDlgItem
CreateMenu
DdeFreeDataHandle
DrawTextA
DdeAbandonTransaction
GetUpdateRgn
GetTabbedTextExtentA
CreateAcceleratorTableA
SystemParametersInfoA
GetClipboardData
ReleaseCapture
GetMenuItemInfoA
IsWindowEnabled
GetSubMenu
TrackPopupMenu
OemToCharA
CreateCursor
LoadBitmapA
PtInRect
FindWindowW
EndPaint
DdeNameService
TabbedTextOutA
DestroyCursor
SetMenuDefaultItem
GetSystemMetrics
EndDeferWindowPos
CheckMenuItem
UnhookWindowsHookEx
GetWindowRgn
InflateRect
SetDlgItemTextA
CharUpperBuffW
DestroyMenu
DdeCreateStringHandleA
SetWindowContextHelpId
InsertMenuA
AdjustWindowRectEx
CharToOemBuffA
LockWindowUpdate
TranslateMDISysAccel
IsClipboardFormatAvailable
SetFocus
MapWindowPoints
CharUpperA
DdeGetLastError
CharLowerBuffA
DestroyCaret
GetPropA
RemovePropA
CreatePopupMenu
BeginDeferWindowPos
SetCursorPos
SetCapture
DrawIcon
GetSysColor
LoadAcceleratorsA
FrameRect
HideCaret
AdjustWindowRect
DdeSetUserHandle
ScreenToClient
ShowCaret
GetDoubleClickTime
LoadStringA
SetClipboardData
GetScrollPos
wsprintfA
LoadImageA
IsZoomed
ReleaseDC
SubtractRect
GetIconInfo
WaitMessage
EnableWindow
IsCharAlphaA
GetParent
GetClientRect
MsgWaitForMultipleObjects
GetDC
InvalidateRgn
GetKeyboardState
ShowScrollBar
IntersectRect
CloseClipboard
PostMessageW
MoveWindow
GetClipboardFormatNameA
GetAsyncKeyState
GetUpdateRect
TranslateMessage
PostThreadMessageA
SetMenuItemInfoA
PeekMessageW
UpdateWindow
DeferWindowPos
IsChild
BringWindowToTop
DdeDisconnect
GetMessageTime
PeekMessageA
ShowCursor
LoadIconA
OffsetRect
GetMenuState
DdeQueryStringA
DispatchMessageA
SendMessageA
GetForegroundWindow
IsIconic
MessageBoxA
VkKeyScanA

ddraw

DirectDrawEnumerateA

ws2_32

setsockopt

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1b5b590ed7795d36ad1117ab71181d0

Headers

DLL Characteristics

File Characteristics

Imports

samlib

kernel32

advapi32

user32

ddraw

ws2_32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 80KB

.idata Size: 11KB - Virtual size: 10KB

.rsrc Size: 10KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 56B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 80KB

.idata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 10KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 56B