bacd7f16f64ab2e108d72804f53e1618

Sharing

Copy URL Twitter E-mail

General

Target

bacd7f16f64ab2e108d72804f53e1618
Size

339KB
MD5

bacd7f16f64ab2e108d72804f53e1618
SHA1

9cea1a61b279dc4bb432491d1a70819bd103e514
SHA256

71d00a754c3148b3e02db1c187b6277c76e32a1c730bf2d6fbac723f7ddea298
SHA512

6d0a77bd6863fd7382f15aad81e06c373831605772d7a45cc625e8d49603c6fad0050f4148eac1a5e935435a08567db1bf057bbefa8531f8c847b0f5c6d75754
SSDEEP

6144:F3fJggsQUGcv/AvATB0P3jxMpDYB47iFibANp2p7rE2pi:F3fJggsQUGcgvATmPFfDs6AR9Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bacd7f16f64ab2e108d72804f53e1618

Files

bacd7f16f64ab2e108d72804f53e1618
.exe windows:5 windows x86 arch:x86

cf1a1716721455a64b58d6ac1e5686d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\hucataresa.pdb

Imports

kernel32

GetFileSize
FindFirstFileW
lstrlenA
WritePrivateProfileStructA
CopyFileExW
SetComputerNameExA
CommConfigDialogA
SetEndOfFile
BuildCommDCBAndTimeoutsA
FreeLibrary
CallNamedPipeA
WaitNamedPipeA
WritePrivateProfileSectionA
SetEnvironmentVariableW
GetModuleHandleExW
SetComputerNameW
OpenSemaphoreA
EnumTimeFormatsW
GetPriorityClass
LoadLibraryW
GetPrivateProfileStructW
SetVolumeMountPointA
GlobalFlags
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
ReadFile
GetModuleFileNameW
CreateFileW
CreateActCtxA
CompareStringW
CreateDirectoryA
InterlockedExchange
SetThreadLocale
GetCPInfoExW
FillConsoleOutputCharacterW
GlobalFix
GetHandleInformation
GetLastError
SetLastError
GetProcAddress
GetTapeStatus
WriteProfileSectionA
SetStdHandle
ResetEvent
OpenWaitableTimerA
GetAtomNameA
LoadLibraryA
Process32FirstW
LocalAlloc
SetConsoleWindowInfo
AddAtomA
FindAtomA
GetPrivateProfileSectionNamesA
ContinueDebugEvent
OpenFileMappingW
FreeEnvironmentStringsW
BuildCommDCBA
VirtualProtect
GetCurrentDirectoryA
GetCurrentThreadId
GetVersionExA
ReadConsoleInputW
GetWindowsDirectoryW
FileTimeToLocalFileTime
ReadConsoleOutputCharacterW
TlsFree
LCMapStringW
GetVolumeInformationW
CloseHandle
RaiseException
OpenMutexW
GetComputerNameA
GetCommandLineW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetModuleHandleW
ExitProcess
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapValidate
IsBadReadPtr
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
HeapCreate
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
OutputDebugStringA
OutputDebugStringW
IsProcessorFeaturePresent
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers

user32

GetMessageTime
GetMenuInfo

advapi32

RevertToSelf

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf1a1716721455a64b58d6ac1e5686d2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 248KB - Virtual size: 248KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 248KB - Virtual size: 248KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 33KB - Virtual size: 32KB