bac123f17901f9f50dbfebd74e5b47bf

Sharing

Copy URL

Twitter E-mail

General

Target

bac123f17901f9f50dbfebd74e5b47bf
Size

1.0MB
MD5

bac123f17901f9f50dbfebd74e5b47bf
SHA1

18710e0e8bbd83d77db4e82919475118ce59c2fa
SHA256

30205694696d835adaa8338884e423171698830948eece63dc87287abbb60b40
SHA512

4f64719e25c1f2b96f6e98a8a25f3cd1bff798cf44a850d53c82c4e6acb572f387bf9255936e38e42137aaabbd8d3f2e700b3d41a9f2046e15e54f3d81d4bc86
SSDEEP

24576:eD0IDMyDGxDaLDTKDomZDQDDMkPp37URgKFoAERXFgyNtKcRGTeziE:eDDDMyDiDaLDTKDpZDQDDD9mgKF2XVN6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bac123f17901f9f50dbfebd74e5b47bf

Files

bac123f17901f9f50dbfebd74e5b47bf
.exe windows:5 windows x86 arch:x86

3b0faf8e8c2fd32d0bea62275d244a4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamClose

msvcrt

_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit

kernel32

DeleteFileA
DeleteFileW
DeviceIoControl
DuplicateHandle
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
GetACP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoW
GetStdHandle
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
DeleteCriticalSection
GetThreadLocale
GetTimeZoneInformation
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetSystemPowerStatus
GetWindowsDirectoryA
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalDeleteAtom
GlobalFindAtomW
InterlockedCompareExchange
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrW
IsBadWritePtr
LoadLibraryExA
LoadLibraryW
LoadResource
LocalFree
LockResource
lstrcpyW
lstrlenA
lstrlenW
MapViewOfFile
MoveFileA
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventA
OpenEventW
OpenFileMappingA
OpenFileMappingW
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryDosDeviceW
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetConsoleTitleW
SetEndOfFile
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleInformation
SetLastError
SetThreadExecutionState
SetUnhandledExceptionFilter
SetVolumeLabelW
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleW
DefineDosDeviceW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetStartupInfoA
DefineDosDeviceA
CreateThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateFileW
CreateFileA
CreateEventW
CreateEventA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetVersion
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
ExitProcess
LeaveCriticalSection
LoadLibraryA
GetThreadContext
WriteFile

user32

GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMessagePos
GetParent
GetPropW
GetScrollInfo
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetWindowDC
GetWindowLongW
GetWindowRect
GetWindowTextW
GrayStringW
InflateRect
InsertMenuW
IntersectRect
InvalidateRect
IsChild
IsDlgButtonChecked
IsIconic
IsMenu
IsRectEmpty
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PtInRect
RedrawWindow
RegisterClassW
ReleaseCapture
ReleaseDC
EndDialog
GetKeyState
SendMessageA
SendMessageW
SetCapture
SetCursor
SetForegroundWindow
SetParent
SetPropW
SetRect
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowWindow
SystemParametersInfoW
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WindowFromDC
WindowFromPoint
wsprintfW
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawFocusRect
DrawEdge
DispatchMessageW
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CopyRect
CopyIcon
ClientToScreen
CharUpperW
CharUpperA
CharPrevA
EnableWindow
GetIconInfo
GetFocus
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetCursorPos
GetClientRect
GetClassNameW
GetCapture
GetAsyncKeyState
FrameRect
FillRect
ExitWindowsEx
ScreenToClient
EnumDisplaySettingsW
RemovePropW
EnableMenuItem

advapi32

SetThreadToken
RevertToSelf
RegUnLoadKeyW
RegUnLoadKeyA
RegSetValueExW
RegSetKeySecurity
RegSaveKeyW
RegQueryValueW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyA
RegLoadKeyW
RegLoadKeyA
RegGetKeySecurity
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
GetAclInformation
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetTokenInformation
GetUserNameW
ImpersonateSelf
InitializeAcl
IsValidSid
LookupAccountNameW
LookupPrivilegeValueW
MakeSelfRelativeSD
OpenProcessToken
OpenThreadToken
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey

ole32

CoInitialize

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.recl
Size: 560KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b0faf8e8c2fd32d0bea62275d244a4a

Headers

File Characteristics

Imports

msacm32

msvcrt

kernel32

user32

advapi32

ole32

Sections

.text Size: 420KB - Virtual size: 419KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 14.0MB

.recl Size: 560KB - Virtual size: 557KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 420KB - Virtual size: 419KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 14.0MB

.recl
Size: 560KB - Virtual size: 557KB

.rsrc
Size: 72KB - Virtual size: 72KB