bac052459f3d561eb82e8ab81efef68b

Sharing

Copy URL

Twitter E-mail

General

Target

bac052459f3d561eb82e8ab81efef68b
Size

416KB
MD5

bac052459f3d561eb82e8ab81efef68b
SHA1

3e3667ca699602514097978b2b164bf4b35f7eb3
SHA256

426760bbc06d7c5c98c73a254a502e42726b346a6f11a1a94c0f6dbf46863b2d
SHA512

352cc2989e53d31fb564294661ca1b7c4d2103507f9d5deae7c80f7e1849b76a20612d2ce006a092d1f468b4bea2093064f7b823c8e78758621dbd37a4c13fcd
SSDEEP

6144:addh8AJslC1P7L0vkuqT0A/Imq+Mh0TfGSLkCwHouO:adlJgCxH0vkui/SF4ACIoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bac052459f3d561eb82e8ab81efef68b

Files

bac052459f3d561eb82e8ab81efef68b
.exe windows:4 windows x86 arch:x86

d2b2a3465225b1376c0a6a4d01893396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\selgpzjbn\fzle\topjae\taaeqt.pdb

Imports

shell32

SHGetInstanceExplorer
SHInvokePrinterCommandW
SHGetDesktopFolder

user32

PeekMessageA
GetClassNameA
MessageBoxA
CountClipboardFormats
DefWindowProcW
CallWindowProcW
GetWindowTextW
RegisterClassExA
CharUpperBuffW
DragObject
SetScrollInfo
RegisterClassA
BroadcastSystemMessage
SetUserObjectInformationA
GetSysColor
CreateDialogIndirectParamA
DialogBoxIndirectParamA
MonitorFromWindow
DestroyWindow
DefWindowProcA
GetClipboardFormatNameW
SetSysColors
GetKeyboardLayoutNameA
SendMessageTimeoutW
DeferWindowPos
DdeImpersonateClient
CreateWindowExA
IsDialogMessageW
LoadStringW
MapVirtualKeyW
LookupIconIdFromDirectory
ShowWindow

advapi32

RegLoadKeyW
RegCloseKey

kernel32

LCMapStringW
HeapFree
TerminateProcess
LockResource
ExpandEnvironmentStringsW
GetFileAttributesA
HeapAlloc
GetAtomNameW
GetSystemTimeAsFileTime
GetLastError
GetVersionExA
MultiByteToWideChar
ReadFile
LeaveCriticalSection
VirtualFree
GetCurrentProcessId
DeleteCriticalSection
DeleteAtom
SetFilePointer
QueryPerformanceCounter
LCMapStringA
GetStartupInfoA
CompareStringA
GetCurrentThreadId
SetThreadContext
InterlockedExchange
SetHandleCount
SetStdHandle
CompareStringW
CreateMutexA
GetTimeZoneInformation
MapViewOfFileEx
FreeEnvironmentStringsW
SetEnvironmentVariableA
TlsGetValue
WaitForDebugEvent
InterlockedIncrement
GetConsoleMode
WriteFile
InitializeCriticalSection
VirtualQuery
TlsAlloc
SetUnhandledExceptionFilter
InterlockedDecrement
HeapCreate
GetLocaleInfoW
GetConsoleCP
GetNamedPipeHandleStateW
GetStringTypeW
EnumSystemCodePagesA
IsDebuggerPresent
ExitProcess
GetEnvironmentStrings
GetFileType
GetModuleFileNameA
GetSystemDirectoryA
HeapSize
GetOEMCP
GetProcessHeap
GlobalUnfix
GetACP
RaiseException
GetStdHandle
GetDiskFreeSpaceW
EnterCriticalSection
EnumTimeFormatsW
GetCommandLineA
OpenWaitableTimerW
SetLastError
TlsFree
CloseHandle
VirtualAlloc
GetProcAddress
TlsSetValue
GetLongPathNameA
GetUserDefaultLCID
WriteConsoleW
CreateFileA
GetTimeFormatW
GetDiskFreeSpaceExW
GetDateFormatA
IsValidLocale
GetCurrentThread
GetTickCount
OpenMutexA
FlushFileBuffers
GetTimeFormatA
GetLocaleInfoA
GlobalAlloc
EnumSystemLocalesA
FreeEnvironmentStringsA
SetConsoleCursorPosition
GetVolumeInformationW
RtlUnwind
WriteConsoleOutputAttribute
GetConsoleOutputCP
DosDateTimeToFileTime
GetCurrentProcess
WriteProfileStringW
RemoveDirectoryW
WriteConsoleA
InterlockedExchangeAdd
LocalFree
GetModuleHandleA
SetConsoleCtrlHandler
GetStringTypeA
UnhandledExceptionFilter
FreeLibrary
OpenFile
WideCharToMultiByte
IsValidCodePage
Sleep
HeapDestroy
GetEnvironmentStringsW
HeapReAlloc
GetCPInfo
LoadLibraryA

comctl32

DrawStatusText
InitCommonControlsEx
CreateUpDownControl
CreatePropertySheetPage
ImageList_LoadImage
ImageList_Copy
CreateToolbar

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2b2a3465225b1376c0a6a4d01893396

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

advapi32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 92KB - Virtual size: 118KB

.rsrc Size: 76KB - Virtual size: 72KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 92KB - Virtual size: 118KB

.rsrc
Size: 76KB - Virtual size: 72KB