bae81f6cffe9cf23c68661aa5e612d04

General

Target

bae81f6cffe9cf23c68661aa5e612d04
Size

156KB
MD5

bae81f6cffe9cf23c68661aa5e612d04
SHA1

c711d088e794af824503490b751bffe71e0f4f06
SHA256

2c0678b298704c987804018d2da30db2e1a14517d403d7a069a73ea118aada38
SHA512

a717d06751ac8da5190f845959107381a2adfc90f21f402dc89a9013ce1b9b6744c83cdc466da18029a2391e216ddeb05aad6a0884cf6df1910096cfa78a0e45
SSDEEP

3072:lRaBoO/H3Z2P/Sv3z9hGHTkoEkoOVbRCUy6:lABPrv3JcH4gfz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bae81f6cffe9cf23c68661aa5e612d04

Files

bae81f6cffe9cf23c68661aa5e612d04
.exe windows:4 windows x86 arch:x86

926721ea933a3ccb38f0c1a37a7024d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
WriteProcessMemory
MultiByteToWideChar
OpenProcess
GetSystemDirectoryA
Process32First
CreateToolhelp32Snapshot
GlobalFree
WinExec
CopyFileA
GetModuleFileNameA
VirtualAlloc
GetCurrentProcess
Sleep
CreateFileA
WriteFile
CreateMutexA
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
Process32Next
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

926721ea933a3ccb38f0c1a37a7024d6

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 108KB - Virtual size: 107KB