ba9b5294b9a4c095f0d96be879f22549

Sharing

Copy URL Twitter E-mail

General

Target

ba9b5294b9a4c095f0d96be879f22549
Size

429KB
MD5

ba9b5294b9a4c095f0d96be879f22549
SHA1

85f24d58a781b5b8d3c13f4fcf6fdd26fc073aee
SHA256

af788ce7b955db00b405a9295eab3238484cb8142c2df38d89fbb541266d2e34
SHA512

5e69043189f0373626b6c9c09e83045acf583bc70700f19941a554ddce3916fd1b5ae1e8ee306f780cea3276a7a07a443c9320d11668dbb5f2fa297e2dee1842
SSDEEP

6144:Y76jgjXRugfi1YIGQNm+wMmo5PrUlrfCbV3GQHpMxgMLtoPzrVRMjbPFqcxKNIxH:Lct6PoMmaPrKCbIKS2rV2nokY/uKTUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba9b5294b9a4c095f0d96be879f22549

Files

ba9b5294b9a4c095f0d96be879f22549
.exe windows:4 windows x86 arch:x86

3721a9200dd594562b1198c220e1dda9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueW
LookupPrivilegeNameA
CryptDecrypt
LookupAccountNameW
RevertToSelf
CryptSetProviderA
CryptVerifySignatureA
InitializeSecurityDescriptor
RegCreateKeyExW
RegEnumKeyA

gdi32

GetPixelFormat
RectVisible
SetMagicColors
SetPixelFormat
SetPaletteEntries
SetRectRgn
SetArcDirection
DeleteColorSpace
PlayEnhMetaFile
AbortDoc
SetStretchBltMode

kernel32

LCMapStringA
GetOEMCP
SetEnvironmentVariableA
ExitProcess
GetCurrentProcess
GetSystemTimeAsFileTime
TlsFree
IsDebuggerPresent
GetCurrencyFormatW
GetFileType
GetProcAddress
FreeEnvironmentStringsA
IsValidCodePage
GlobalAddAtomA
GetModuleHandleW
GetWindowsDirectoryW
TlsSetValue
InitializeCriticalSectionAndSpinCount
GetStdHandle
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetUserDefaultLCID
Sleep
GetCurrentThread
RtlUnwind
GetLocaleInfoA
WritePrivateProfileSectionA
GetACP
CompareStringA
SetLastError
TerminateProcess
LeaveCriticalSection
GetEnvironmentStringsW
VirtualQuery
GetCPInfo
HeapCreate
DeleteFileA
GetDateFormatA
LCMapStringW
SetHandleCount
GetMailslotInfo
GetModuleHandleA
GetEnvironmentStrings
EnumResourceTypesW
GetLastError
InterlockedDecrement
SetFileAttributesW
IsValidLocale
GetCommandLineA
FreeLibrary
GetStartupInfoA
EnterCriticalSection
SetUnhandledExceptionFilter
VirtualFree
HeapSize
HeapFree
DeleteCriticalSection
TlsGetValue
ReadFile
GetStringTypeA
GetCurrentThreadId
HeapDestroy
InterlockedIncrement
CompareStringW
GetFileAttributesExW
TlsAlloc
WriteFile
SetConsoleCtrlHandler
GetStringTypeW
GetLocaleInfoW
InterlockedExchange
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
VirtualAlloc
GetTimeFormatA
QueryPerformanceCounter
MultiByteToWideChar
SetVolumeLabelW
GetModuleFileNameA
GetTimeZoneInformation
HeapReAlloc
EnumSystemLocalesA
LoadLibraryA

user32

SetLastErrorEx
GetFocus
SetMenuItemInfoW
GetClipboardFormatNameW
CreateMDIWindowW
DrawTextExA
WindowFromDC
LoadIconW
GetQueueStatus
SetWindowRgn

comdlg32

GetFileTitleW
PrintDlgA
ReplaceTextA
GetSaveFileNameA

wininet

SetUrlCacheConfigInfoA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3721a9200dd594562b1198c220e1dda9

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

comdlg32

wininet

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 9KB - Virtual size: 33KB

.data Size: 278KB - Virtual size: 278KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 9KB - Virtual size: 33KB

.data
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 11KB - Virtual size: 10KB