Static task
static1
Behavioral task
behavioral1
Sample
baf94649bc36825e74a39ae99185bac6.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
baf94649bc36825e74a39ae99185bac6.exe
Resource
win10v2004-20240226-en
General
Target
baf94649bc36825e74a39ae99185bac6
Size
183KB
MD5
baf94649bc36825e74a39ae99185bac6
SHA1
71f05450da8340523d9e86106f342ddf713bdbda
SHA256
cd11e7503906fc46b36548cbebb64df304ee22d1bcf8712542eba9404397b2da
SHA512
6c332733c10162378890ba7252eb59422495aef799980f73cf2ec0a6e0662f6291cf45006dddab42f92068d9349202b363ff026c2db4c92e76e9ffd0955789d0
SSDEEP
3072:bbCi9Xk4NJy8Le12ktqPN1vY9suUelDw5+EiSZ3duK3jzjM1Q8pQDyXUfy+g:bbCsJy8L2mcb5w52etubQ8Zkfyp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource baf94649bc36825e74a39ae99185bac6
Files
baf94649bc36825e74a39ae99185bac6.exe windows:4 windows x86 arch:x86
8fef078a9f318eed4b21836fe5de77d8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreatePopupMenu
SetParent
InvalidateRect
SetWindowPos
LoadCursorW
RedrawWindow
GetFocus
IsWindow
GetDesktopWindow
SetCursor
ClipCursor
EnableWindow
DestroyMenu
TrackPopupMenuEx
PtInRect
kernel32
CreateFileW
GetShortPathNameA
GetModuleHandleW
GetLastError
GetHandleInformation
LoadLibraryW
GetCurrentProcessId
EnumResourceTypesW
ExitProcess
CloseHandle
UnhandledExceptionFilter
GlobalFree
GetCurrentThreadId
GetProcAddress
GetVersionExW
msvfw32
ICClose
ICSendMessage
ICOpen
ICDecompress
ole32
StgCreateDocfile
StgOpenStorage
Sections
.text Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 368KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ