Static task
static1
Behavioral task
behavioral1
Sample
bacdfc6609c9737e94cccf3f89d0611d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bacdfc6609c9737e94cccf3f89d0611d.exe
Resource
win10v2004-20240226-en
General
Target
bacdfc6609c9737e94cccf3f89d0611d
Size
167KB
MD5
bacdfc6609c9737e94cccf3f89d0611d
SHA1
e63b15067619b30aa64c4de1ca79752e092a89e9
SHA256
e656bde4eae822c8e82754002ffb79d905040e73a17cabefd0bc485e277ac302
SHA512
a8a341d671849e3b5a6d9b1ef3ee08dc22fa8ee1de7eab932d97581b2cf59dee7779539de629c90297f603a63c9b63af02a7237773dd17e6327d04c29d0ed74f
SSDEEP
3072:JJY1WMQi/qcUzmRoUSPIR5BmI7Mt7AqJxS/+l7HBZEshat:JoWm/qcuAXBFbqbS/+l7Ishat
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bacdfc6609c9737e94cccf3f89d0611d
Files
bacdfc6609c9737e94cccf3f89d0611d.exe windows:4 windows x86 arch:x86
aae563f8c7df88e1445cd13851ce1200
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICSendMessage
ICOpen
ICClose
ICDecompress
advapi32
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
user32
GetClientRect
GetWindowPlacement
InvalidateRect
AdjustWindowRectEx
SetCursor
SetRectEmpty
PostMessageW
FillRect
kernel32
GlobalFree
GetLongPathNameW
GetLastError
CloseHandle
SetThreadContext
GetCurrentProcessId
GetCurrentThreadId
EnumResourceTypesW
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
CreateFileW
GetProcAddress
LoadLibraryW
GetVersionExW
Sections
.text Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ