bad4d670728c39f96d98e04439895358

General

Target

bad4d670728c39f96d98e04439895358
Size

68KB
MD5

bad4d670728c39f96d98e04439895358
SHA1

83b5d3a4c5c6bd1095edfe76b2990b93dec5e0d6
SHA256

e30f542b15b25e88a5899663b0606d2fd9574c34b886cedd3873ee5838a410cf
SHA512

e96711ba6ca76255cf123869ea20d2be1129b294f0d1e0cfdf3016fae5dc020b4e2272e771cac0f11745be649af546fbebe918a41e96363a23b028f890928f0a
SSDEEP

1536:YU0yRvCaizscGcteIl8RN7LJ9QegetldM:+yxCXztvtefNP0hw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bad4d670728c39f96d98e04439895358

Files

bad4d670728c39f96d98e04439895358
.dll windows:4 windows x86 arch:x86

41c91edc260ecd5ea9d6b991d9d29040

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
VirtualAlloc
GetCommandLineW
GetDiskFreeSpaceExA
GetConsoleWindow
GetModuleFileNameA
GetDevicePowerState
ReadFileEx
ReadConsoleInputA
GlobalFree
GetModuleFileNameA
ReleaseSemaphore
CreateThread
GetSystemDefaultLCID
SetConsoleInputExeNameA
GetSystemRegistryQuota
PeekNamedPipe
OpenMutexA
RemoveDirectoryA
GetCommandLineA
GetConsoleCommandHistoryLengthA
WriteConsoleOutputCharacterA
LZCopy
EnumSystemLanguageGroupsA
GetExitCodeProcess
IsWow64Process
ExitProcess

wininet

HttpQueryInfoW
HttpAddRequestHeadersW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetOpenW
HttpOpenRequestW

user32

RealGetWindowClassA
GetKeyNameTextA
PrivateExtractIconsA
GetPropA
CallWindowProcA
CharLowerBuffA
SetMenuDefaultItem
MapDialogRect
LoadImageA
DrawFrame
ReplyMessage
MessageBoxTimeoutW
DragDetect
EnumDesktopWindows
CreateWindowStationW
UnhookWindowsHookEx
ShowScrollBar
GetSubMenu
GetClassInfoA
BuildReasonArray
GetWindowTextA
CopyRect
GetClipboardOwner
RealChildWindowFromPoint
GetMenu

Exports

Exports

CloseTixjbbosc
CloseHicdhmee

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41c91edc260ecd5ea9d6b991d9d29040

Headers

File Characteristics

Imports

kernel32

wininet

user32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 56KB - Virtual size: 185KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.itext
Size: - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 185KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB