ba9aee1479ff57d4626d187b4ff80095

General

Target

ba9aee1479ff57d4626d187b4ff80095
Size

401KB
MD5

ba9aee1479ff57d4626d187b4ff80095
SHA1

eba7e49dfcff03b1d1691c10369b484f65bceee9
SHA256

34fe04dfaa6ba1bdb4f32512caeb16969dcf33bdf2af34bc39604308644befac
SHA512

7d5485580c0436c656b310c2085c5abbe162eae8569b2e254e0a0e53c4b13b8797d19b9bbaf5c7dd874ac07581c9b557a02290379d718b74cdb3488bf37871ae
SSDEEP

12288:2+DFlerB1L6V7/rv0iexCTohR7QakZFeti7KEvDF2e2:2+qrB52/reEo/7ZQ7KEvD8e2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba9aee1479ff57d4626d187b4ff80095

Files

ba9aee1479ff57d4626d187b4ff80095
.exe windows:4 windows x86 arch:x86

ec79dc6dbb5ba593cde5ba6299e86481

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplaySettingsExA
SetCaretPos
InflateRect
DdeAccessData
OemToCharBuffA
GetListBoxInfo
GetMenu
IsMenu
GetCursorInfo
GetKeyboardLayoutNameW
SendMessageTimeoutA
MessageBoxIndirectA
SetPropA
GetClassWord
ChangeMenuW

comdlg32

ChooseFontA
ChooseColorW
ReplaceTextW
GetSaveFileNameW

kernel32

GetVersion
GetModuleFileNameA
TlsFree
GetModuleHandleA
GetProcAddress
GetVersionExA
HeapDestroy
RtlUnwind
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsW
LeaveCriticalSection
GetModuleFileNameW
HeapAlloc
QueryPerformanceCounter
HeapFree
TlsAlloc
VirtualQuery
LoadLibraryA
GetCommandLineW
ExitProcess
GetFileType
TlsSetValue
GetCommandLineA
UnhandledExceptionFilter
GetTickCount
HeapCreate
GetCurrentThreadId
GetStartupInfoW
FreeEnvironmentStringsA
IsBadWritePtr
GetSystemTimeAsFileTime
WriteFile
GetEnvironmentStringsW
VirtualAlloc
GetNamedPipeHandleStateW
GetCurrentThread
SetLastError
GetEnvironmentStrings
MultiByteToWideChar
VirtualFree
InterlockedExchange
TlsGetValue
HeapReAlloc
TerminateProcess
GetLastError
GetCurrentProcess
WaitForDebugEvent
InitializeCriticalSection
GetSystemDefaultLangID
EnterCriticalSection
GetCurrentProcessId
DeleteCriticalSection
GetStdHandle

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec79dc6dbb5ba593cde5ba6299e86481

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 3KB - Virtual size: 19KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 3KB - Virtual size: 19KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 2KB - Virtual size: 2KB