bac9624936d7348957c717adade4bcd8

Sharing

Copy URL Twitter E-mail

General

Target

bac9624936d7348957c717adade4bcd8
Size

1.8MB
MD5

bac9624936d7348957c717adade4bcd8
SHA1

3ab19697a357d00969aac8e2d2c813d872002e90
SHA256

c1b31d5120f30e942115ba6f051adabea43d995685b252c87bef94a9b955bf5f
SHA512

c69828661f953285d349d88bcf906603b2e251a6ebd6f4b8c062bbe9343bd59864ce63e0d82b2814f7cbcfaf83c08683c4d83fc7b4c5debeabb0e3f7d972bd0c
SSDEEP

24576:uMKLGS5tgvx9cXWzJN+2z0Iiao6+Hr9fEwXMeDsIMwTZad/6XExB9m0hYqwjS6xM:iN5Cb0Ifo3L9fEbbwT+/Nm1qOS67m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bac9624936d7348957c717adade4bcd8

Files

bac9624936d7348957c717adade4bcd8
.exe windows:4 windows x86 arch:x86

f77e9449a59c93d2bf7b9a8d1ed594a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA

kernel32

GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
GetTickCount
GetVersion
GetCurrentThread
GetLastError
GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
SizeofResource
SetStdHandle
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
MapViewOfFile
RaiseException
WideCharToMultiByte
GetCommandLineW
LockResource
GetEnvironmentStrings
RemoveDirectoryA
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
CreateFileA
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CompareStringA
FindFirstFileA
lstrcmpA
CompareStringW
GetSystemInfo
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
WriteConsoleW
GetLocaleInfoA
SetEndOfFile
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetTimeZoneInformation
LocalFree
SetEvent
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetCPInfo
FreeEnvironmentStringsW
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetStdHandle

user32

SetCursor
GetClientRect
SendMessageA
InvalidateRect
SystemParametersInfoA
GetSysColor
MessageBoxA
EndDialog
GetDesktopWindow
LoadCursorA
GetDlgItem
DispatchMessageA
SetWindowTextA
SetWindowLongA
SetCapture
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
GetSubMenu
CreateWindowExA
GetWindowLongA
EnableMenuItem
TranslateMessage
ShowWindow
DestroyWindow
GetKeyState
ReleaseDC
GetDC
EndPaint
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 1.7MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77e9449a59c93d2bf7b9a8d1ed594a9

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 1.7MB - Virtual size: 2.1MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 10KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 1.7MB - Virtual size: 2.1MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 32KB - Virtual size: 31KB