bac903483e665a1407e4b4ceaf6c8d31

Sharing

Copy URL

Twitter E-mail

General

Target

bac903483e665a1407e4b4ceaf6c8d31
Size

463KB
MD5

bac903483e665a1407e4b4ceaf6c8d31
SHA1

4e065e8952a07df9dd8b5852e56fe5fcddc49aec
SHA256

ddc087c8fe619dc7830e9906b6829a699852c6f53ae98be1214332faf9f9cd93
SHA512

0607fc39b2e72c00ba1e7f1257198b1cf0faa16e62674edfcee9213106346a70d695839b0ebf6d733dc68126c2a887b200162a5af06f577272c0109d028004db
SSDEEP

12288:6HhoqEYcYxIvnIgNDEblkZbkrIs0a8gP8Qh8ShpMk:6BoqTcYYNQblWkIe8o8ahpM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bac903483e665a1407e4b4ceaf6c8d31

Files

bac903483e665a1407e4b4ceaf6c8d31
.exe windows:4 windows x86 arch:x86

568b6f17060d2e22f66f397ccf392ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
LeaveCriticalSection
VirtualFree
TlsAlloc
SetFilePointer
GetStringTypeW
GetProcAddress
HeapCreate
LCMapStringA
GetStartupInfoW
VirtualQuery
SetEnvironmentVariableA
LCMapStringW
GetCurrentProcessId
UnhandledExceptionFilter
FillConsoleOutputCharacterW
SetStdHandle
GetWindowsDirectoryW
GetTimeZoneInformation
CloseHandle
QueryPerformanceCounter
InterlockedIncrement
WriteFile
LoadLibraryA
SetHandleCount
InterlockedDecrement
ExitProcess
TerminateProcess
GetStartupInfoA
GetCurrentThread
IsBadWritePtr
GetLastError
HeapReAlloc
InterlockedExchange
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTime
TlsFree
VirtualAlloc
EnterCriticalSection
OpenMutexA
GetCPInfo
GetModuleFileNameW
RtlUnwind
GetVersion
WideCharToMultiByte
MultiByteToWideChar
TlsSetValue
GetStringTypeA
SetLastError
OpenProcess
HeapDestroy
InitializeCriticalSection
GetFileType
GetTickCount
GetCommandLineA
CreateMutexA
GetModuleFileNameA
GetEnvironmentStrings
HeapFree
FreeEnvironmentStringsA
GetLocalTime
FlushFileBuffers
ReadFile
GetCurrentProcess
CompareStringA
GetCommandLineW
TlsGetValue
CompareStringW
GetStdHandle
GetModuleHandleA
GetSystemTimeAsFileTime
DeleteCriticalSection

comctl32

InitCommonControlsEx

comdlg32

LoadAlterBitmap

user32

RegisterClassA
RegisterClassExA
SetWindowPlacement

wininet

InternetCloseHandle
InternetSetCookieA
FindFirstUrlCacheEntryExA
InternetSecurityProtocolToStringA
SetUrlCacheEntryInfoA

advapi32

RegReplaceKeyW
RegCreateKeyExW
RegLoadKeyW
InitiateSystemShutdownA
DuplicateTokenEx
CryptCreateHash
LookupPrivilegeDisplayNameA
CryptGetDefaultProviderW
RegQueryValueW
CryptGenKey
RegSetValueExW
RegCreateKeyExA
CryptDestroyHash
CryptGenRandom
RegDeleteKeyW
LookupAccountNameW
CryptGetHashParam
RegQueryValueExA
CryptSetHashParam
RegRestoreKeyA
RegConnectRegistryA
LogonUserW
RegQueryMultipleValuesW
CreateServiceA

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

568b6f17060d2e22f66f397ccf392ea8

Headers

File Characteristics

Imports

kernel32

comctl32

comdlg32

user32

wininet

advapi32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 4KB - Virtual size: 24KB

.data Size: 311KB - Virtual size: 310KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 4KB - Virtual size: 24KB

.data
Size: 311KB - Virtual size: 310KB

.rsrc
Size: 9KB - Virtual size: 9KB