bdac4798c3d5576bcd5209220bd5bcd9

Sharing

Copy URL Twitter E-mail

General

Target

bdac4798c3d5576bcd5209220bd5bcd9
Size

92KB
MD5

bdac4798c3d5576bcd5209220bd5bcd9
SHA1

c03d4667f06e7bf2a8b4f6537f80153719003198
SHA256

7796407b776fdc6f157a27dd3356cf16bb012cf5918159076c2b5982a077fa99
SHA512

44f891f0500f984c195d1b43dfb2a9873900f88b163d9c6cc66eaf55abe9ce85e4adb115a37c98a8220e7b3bbc5f3051da6b2319e5d014c0866086d2b213bef9
SSDEEP

1536:pAhvkBB2EDL2xeYEzMdLiSNcGSoBmy7jeVzTe/ssFe4m8:os+sL2xeDzMdmSNN7BmujCzTe/sId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdac4798c3d5576bcd5209220bd5bcd9

Files

bdac4798c3d5576bcd5209220bd5bcd9
.exe windows:4 windows x86 arch:x86

70acabc625e3a22c1882892dcecf4845

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_Write
ImageList_DrawEx

gdi32

GetBkMode
GetBkColor

user32

LoadKeyboardLayoutA
GetSystemMetrics
EnableScrollBar
IsWindow
SetFocus
IsRectEmpty
GetSystemMenu
GetWindowDC
DefFrameProcA
GetMenuItemID
PostMessageA
GetClientRect
GetForegroundWindow
IsZoomed
RegisterClipboardFormatA
GetClassInfoA
FrameRect
DispatchMessageA
SetActiveWindow
GetMessagePos
GetKeyState
GetKeyboardState
GetDC
GetClipboardData
ShowWindow
OpenClipboard
CreateWindowExA
GetWindow
IsIconic
SetScrollPos
LoadIconA
UpdateWindow
CharUpperA
DrawMenuBar
FindWindowA
RegisterClassA
GetSysColor
AdjustWindowRectEx
SendMessageA
IsWindowVisible
GetMenuItemInfoA
DrawIcon
GetKeyNameTextA
LoadBitmapA
GetWindowLongW
SetTimer
GetScrollPos
RegisterWindowMessageA
DestroyCursor
OpenIcon
GetMenu
GetWindowPlacement
IsMenu
ScrollWindow
DrawTextA
GetSubMenu
CreateIcon
SetWindowTextA
KillTimer
SetCursor
GetWindowRect
MoveWindow
WindowFromPoint

kernel32

DeleteCriticalSection
GetACP
GetTickCount
SetErrorMode
FreeLibrary
HeapDestroy
lstrcmpA
GlobalDeleteAtom
LoadLibraryA
LocalFree
FormatMessageA
ExitProcess
GetCommandLineA
CreateFileA
InitializeCriticalSection
GetCurrentThreadId
RaiseException
GetFullPathNameA
lstrlenW
VirtualAllocEx
GlobalAddAtomA
lstrcpynA
CreateThread

Exports

Exports

_lg2aKLPxnBhb

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70acabc625e3a22c1882892dcecf4845

Headers

File Characteristics

Imports

comctl32

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 47KB - Virtual size: 47KB

.edata Size: 4KB - Virtual size: 3KB

.badata Size: 512B - Virtual size: 336B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 47KB - Virtual size: 47KB

.edata
Size: 4KB - Virtual size: 3KB

.badata
Size: 512B - Virtual size: 336B

.rsrc
Size: 8KB - Virtual size: 8KB