baf9755435d05c9d8c2c29142ee89af0

Sharing

Copy URL Twitter E-mail

General

Target

baf9755435d05c9d8c2c29142ee89af0
Size

864KB
MD5

baf9755435d05c9d8c2c29142ee89af0
SHA1

77a58fddb411158b8d6aaf21a13236b200c33281
SHA256

10ecd0cdd81c1a2d03a4a01116b70fd08ad64224cb8786f604d01223907fb4be
SHA512

48d201fe006e9162e9ac6cec1a19d62c8b509f255c3fc01635a9fb1d3b3819792f32c8f25fd1d4274d151898b89fb471cf694be96c2a18ba9861185d5de3356e
SSDEEP

12288:m25EDCK0UpDKwPjCoWUGi9i7qSDHykiiUnUPzwWLVvV04E7tCRGsgYF7dH3gwWQ7:pEDCK0UcAjlWZiQe4DUKw+StFwWQk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baf9755435d05c9d8c2c29142ee89af0

Files

baf9755435d05c9d8c2c29142ee89af0
.exe windows:4 windows x86 arch:x86

7c4a428c540995c4787091c48ca0f045

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
PackDDElParam
EndMenu
SetClipboardData
CreateWindowExA
SendMessageTimeoutA
GetWindowWord
GetUserObjectSecurity
IsMenu
GetTopWindow
ScrollDC
GetSystemMenu
RemovePropA
RedrawWindow
GetShellWindow
TileWindows
LookupIconIdFromDirectory
TranslateAccelerator
PostQuitMessage
GetMenuState
GetClipboardFormatNameA
LoadMenuIndirectA
DrawFrame
LoadAcceleratorsA
GetDoubleClickTime
SetWindowRgn
GetKBCodePage
DrawMenuBar
DlgDirSelectExA
GetAsyncKeyState
ChildWindowFromPointEx
DdeUnaccessData
CharToOemBuffA
DdeClientTransaction
ChangeMenuA
SendIMEMessageExA
CheckMenuItem
GetDC
CharNextExA
GetLastActivePopup
CreateDialogParamA
IsCharLowerA
IsDialogMessage
GetNextDlgTabItem
GetProcessDefaultLayout
RegisterWindowMessageA
IMPGetIMEA
BringWindowToTop
DestroyMenu
CopyIcon
wvsprintfA
ExcludeUpdateRgn
GetKeyboardLayoutList

advapi32

GetTrusteeTypeA
PrivilegeCheck
AddAce
CryptEncrypt
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
ControlService
CryptSignHashA
EnumDependentServicesA
RegConnectRegistryA
CopySid
RegFlushKey
GetServiceDisplayNameA
OpenEventLogA
RegUnLoadKeyA
GetMultipleTrusteeA
InitializeAcl
IsTextUnicode
GetExplicitEntriesFromAclA
CryptSetKeyParam
CryptGenKey
DeregisterEventSource
CryptHashSessionKey
SetEntriesInAuditListA
AccessCheck
CryptGetKeyParam
QueryServiceObjectSecurity
BuildSecurityDescriptorA
ObjectDeleteAuditAlarmA
GetAclInformation
CryptDestroyHash
AllocateAndInitializeSid
SetServiceStatus
CryptContextAddRef
FindFirstFreeAce
ChangeServiceConfigA
BackupEventLogA

kernel32

CreateMailslotA

Sections

.rqrq
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epupy
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lofev
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ongf
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.inexy
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.psrcf
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrcf
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.razm
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hqxst
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c4a428c540995c4787091c48ca0f045

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.rqrq Size: 638KB - Virtual size: 1.3MB

.epupy Size: 6KB - Virtual size: 8KB

.lofev Size: 19KB - Virtual size: 27KB

.ongf Size: 512B - Virtual size: 21KB

.inexy Size: 6KB - Virtual size: 15KB

.psrcf Size: 512B - Virtual size: 56B

.mrcf Size: 512B - Virtual size: 24B

.razm Size: 49KB - Virtual size: 77KB

.hqxst Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.rqrq
Size: 638KB - Virtual size: 1.3MB

.epupy
Size: 6KB - Virtual size: 8KB

.lofev
Size: 19KB - Virtual size: 27KB

.ongf
Size: 512B - Virtual size: 21KB

.inexy
Size: 6KB - Virtual size: 15KB

.psrcf
Size: 512B - Virtual size: 56B

.mrcf
Size: 512B - Virtual size: 24B

.razm
Size: 49KB - Virtual size: 77KB

.hqxst
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB