bab0532e4677e8eb6cf4f4819ab2c6f5

General

Target

bab0532e4677e8eb6cf4f4819ab2c6f5
Size

39KB
MD5

bab0532e4677e8eb6cf4f4819ab2c6f5
SHA1

1ff18ac5b44f9c1144bb4ba1f6ba8a54ec8e6e34
SHA256

426aaf386521c910a88e9bc9cc7baf70f05168761a1b37c3bc62f6cb25a103f6
SHA512

7bccf9cac7f7da567023331a873734ca849f14f8632490161a9e01296cbeda2454c395e0eb24a443cb4035f00b150e1074987457e3adee47d72e7bda3efb8484
SSDEEP

768:mbdEq888vky0ea0xbxQwnSOKcfmoiukKpm8FX8oqRmYBGnWLv:eET88IunKcfVGdRknWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bab0532e4677e8eb6cf4f4819ab2c6f5

Files

bab0532e4677e8eb6cf4f4819ab2c6f5
.exe windows:4 windows x86 arch:x86

9aca63dcbf5b9bce1167aa8b33ebec56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertDefaultLocale
CreateRemoteThread
EnumCalendarInfoA
EnumResourceTypesW
EnumSystemCodePagesW
EnumTimeFormatsA
ExitProcess
GenerateConsoleCtrlEvent
GetComputerNameA
GetCurrencyFormatW
GetCurrentDirectoryA
GetSystemTime
GetTimeZoneInformation
InitAtomTable
InitializeCriticalSection
IsProcessorFeaturePresent
OutputDebugStringW
SetHandleInformation
SystemTimeToFileTime
TransmitCommChar
VirtualProtect
WritePrivateProfileSectionW
WritePrivateProfileStringA
_lclose

user32

AnimateWindow
CharPrevExA
ChildWindowFromPoint
DdeCreateDataHandle
DdeCreateStringHandleW
DlgDirListComboBoxW
DlgDirSelectExA
DrawFrame
FlashWindowEx
GetClassInfoW
GetClassLongA
GetMenuState
GetScrollInfo
IsChild
RedrawWindow
RemovePropA
SendIMEMessageExW
SetPropA
SwitchDesktop
WaitForInputIdle

gdi32

Arc
ChoosePixelFormat
CreateBitmapIndirect
CreateColorSpaceW
CreateCompatibleDC
CreateDCA
CreatePen
ExcludeClipRect
ExtTextOutA
FixBrushOrgEx
GdiGetBatchLimit
GetBrushOrgEx
GetEnhMetaFileBits
GetKerningPairsW
GetMapMode
GetMetaRgn
GetWindowExtEx
GetWorldTransform
OffsetWindowOrgEx
PolyPolyline
RealizePalette
ResetDCA
SetICMMode
SetMiterLimit
SetViewportOrgEx
WidenPath

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aca63dcbf5b9bce1167aa8b33ebec56

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 38KB - Virtual size: 52KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 38KB - Virtual size: 52KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 4KB