BakkesModInjector[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

BakkesModInjector.zip
Size

5.2MB
MD5

3539796664f114a987951029f6840117
SHA1

6c69c7d92463efd0cfc0e2aa762f4ac571aa5d5e
SHA256

cf72f55a0b5e1595fb7a94666b23146d2a8a43425cd05e3339c0f2c4a32de340
SHA512

99e2eba749580d73ff7e8ecff42dbefc7636a53be6f820d7997beb132d4e0b0d09dafce3f7acd31786fdfd54dd61452e3b6f8a33a0ac4315bf218eb7399a307f
SSDEEP

98304:+Vjc34EQwGI0u8Z63WcEUkeXKRvq3iffg+UOp5FLMcSBpQJolKeGBQJylLjrC8d:+n3IO63WcHVKRv8S1U8LMcS7tP5J0C8d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BakkesMod.exe

Files

BakkesModInjector.zip
.zip
BakkesMod.exe
.exe windows:6 windows x86 arch:x86

8c6bb9744a3197e6c2533dbf6dad7692

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindCloseChangeNotification
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
GetUserDefaultLCID
GetCommandLineW
LocalFree
OutputDebugStringW
GetConsoleWindow
DuplicateHandle
Sleep
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
GetSystemInfo
WaitForMultipleObjects
FindFirstChangeNotificationW
GetLocalTime
CreateFileW
FlushFileBuffers
GetFileType
GetLogicalDrives
ReadFile
SetEndOfFile
SetFilePointerEx
WriteFile
UnmapViewOfFile
MoveFileExW
GetCurrentDirectoryW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
GetLongPathNameW
SetErrorMode
DeviceIoControl
LoadLibraryW
CopyFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
GetSystemDirectoryW
FindFirstFileExW
FreeLibrary
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
LoadLibraryA
ExitProcess
SetHandleInformation
GetVolumeInformationW
GetDriveTypeW
lstrcmpW
InitializeCriticalSection
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
LoadLibraryExW
GetVersionExW
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RaiseException
RtlUnwind
PeekNamedPipe
SetFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
GetModuleHandleExW
GetStdHandle
GetCommandLineA
ExitThread
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
HeapAlloc
HeapFree
EnumSystemLocalesW
GetFileSizeEx
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
WriteConsoleW
FindNextChangeNotification
GetModuleHandleW
GetModuleFileNameW
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
DeleteFileW
K32GetModuleFileNameExW
K32EnumProcessModules
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetProcAddress
GetModuleHandleA
VirtualFreeEx
MapViewOfFile
CreateFileMappingW
WriteProcessMemory
VirtualAllocEx
CreateRemoteThread
WaitForSingleObject
MoveFileW
GetTickCount64
OpenProcess
CreateProcessW
TerminateProcess
GetLastError
CloseHandle
GetSystemTime
GetTempPathW

advapi32

RegCloseKey
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyW
OpenProcessToken

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetFileInfoW
SHGetKnownFolderPath
ShellExecuteW
Shell_NotifyIconW
CommandLineToArgvW

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime

ws2_32

bind
closesocket
getpeername
WSAGetLastError
gethostbyname
WSASocketW
WSASendTo
WSASend
WSARecvFrom
__WSAFDIsSet
getsockname
WSARecv
WSANtohs
gethostname
WSAStartup
WSACleanup
WSAAsyncSelect
htonl
getsockopt
inet_addr
ntohl
WSANtohl
WSAIoctl
WSAHtonl
htons
listen
select
setsockopt
WSAAccept
WSAConnect
gethostbyaddr

crypt32

CertGetCertificateChain
CertFreeCertificateChain
CertFreeCertificateContext
CertCreateCertificateContext

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

user32

SetWindowTextW
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetDesktopWindow
GetParent
SetParent
DestroyCursor
GetAncestor
GetKeyboardLayoutList
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetAsyncKeyState
GetKeyboardLayout
CreateCaret
DestroyCaret
HideCaret
SetCaretPos
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
NotifyWinEvent
GetClipboardFormatNameW
SetCursorPos
GetUpdateRect
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
EnumWindows
RealGetWindowClassW
EndPaint
DestroyIcon
GetWindowThreadProcessId
GetSystemMetrics
SendMessageW
RegisterWindowMessageW
ReleaseDC
GetDC
EnableMenuItem
GetSystemMenu
SystemParametersInfoW
MessageBoxW
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW
GetWindowLongW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
DrawIconEx
BeginPaint
SetForegroundWindow
InvalidateRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
MessageBeep
GetCaretBlinkTime
GetDoubleClickTime
SetWindowRgn
GetCursor
GetSysColor

gdi32

GetObjectW
ChoosePixelFormat
SetPixelFormat
DescribePixelFormat
GetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetTextMetricsW
GetFontData
CreateFontIndirectW
EnumFontFamiliesExW
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
RemoveFontMemResourceEx
GetCharABCWidthsFloatW
CombineRgn
GetStockObject
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
CreateBitmap
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
GetDIBits
SetTextAlign
GetTextFaceW
ExtTextOutW
SetWorldTransform

ole32

CoGetMalloc
ReleaseStgMedium
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StringFromGUID2
CoTaskMemFree
CoCreateGuid
CoInitialize
CoCreateInstance
OleInitialize
CoUninitialize

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey

winmm

PlaySoundW

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c6bb9744a3197e6c2533dbf6dad7692

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

oleaut32

ws2_32

crypt32

iphlpapi

user32

gdi32

ole32

imm32

winmm

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 68KB - Virtual size: 112KB

.qtmetad Size: 1024B - Virtual size: 588B

_RDATA Size: 512B - Virtual size: 292B

.rsrc Size: 162KB - Virtual size: 162KB

.reloc Size: 252KB - Virtual size: 252KB

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 68KB - Virtual size: 112KB

.qtmetad
Size: 1024B - Virtual size: 588B

_RDATA
Size: 512B - Virtual size: 292B

.rsrc
Size: 162KB - Virtual size: 162KB

.reloc
Size: 252KB - Virtual size: 252KB