ba39f9645334a8b6470332caf8a6c189d566ee155a3cf3e1e88a5ae3b79648a8

Sharing

Copy URL Twitter E-mail

General

Target

ba39f9645334a8b6470332caf8a6c189d566ee155a3cf3e1e88a5ae3b79648a8
Size

4.6MB
MD5

53193c5aa3438f70d6a96c2ee758b20a
SHA1

2a73b026a419a1820f6dd5efeddf19a1fecf2cbe
SHA256

ba39f9645334a8b6470332caf8a6c189d566ee155a3cf3e1e88a5ae3b79648a8
SHA512

29484e6576019fbf5fa32311f4b75434d88bc050de83752845c28f27a1ad1b5b3babca62cd40236220013685a69d6b1d45932e4b3fc7f463ea34a19b1115dd57
SSDEEP

49152:OS55c2y3tb1+wqK1zw2h7iKokhNLOulw+pWigyD:Z5cp3tbUnAMYTOul34ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba39f9645334a8b6470332caf8a6c189d566ee155a3cf3e1e88a5ae3b79648a8

Files

ba39f9645334a8b6470332caf8a6c189d566ee155a3cf3e1e88a5ae3b79648a8
.exe windows:4 windows x86 arch:x86

6f185e018944258698b6ecd32e3e5002

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
FreeLibrary
GetCurrentThread
GetModuleFileNameA
IsBadReadPtr
lstrcmpiA
TerminateProcess
CreateToolhelp32Snapshot
Module32First
CreateFileW
lstrlenA
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
GetCurrentProcessId
IsBadCodePtr
VirtualProtect
CompareStringW
CompareStringA
IsValidCodePage
Module32Next
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetOEMCP
GetACP
GetStringTypeW
GetCurrentProcess
GetLastError
GetVersionExA
GetTickCount
CreateProcessA
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
GetCurrentDirectoryA
IsDebuggerPresent
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetTimeZoneInformation
IsBadWritePtr
VirtualAlloc
VirtualFree
GetModuleHandleA
CreateDirectoryA
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
HeapSize
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
LCMapStringW
LCMapStringA
HeapReAlloc
MultiByteToWideChar
CreateThread
ExitThread
GetCommandLineA
GetStartupInfoA
CopyFileA
DeleteFileA
IsValidLocale
GetFileAttributesA
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
QueryPerformanceCounter
QueryPerformanceFrequency
IsProcessorFeaturePresent
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
InitializeCriticalSection
ReadFile
WriteFile
SetFilePointer
GetFileSize
FlushFileBuffers
CreateFileA
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetVersion
lstrlenW
FormatMessageA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
HeapFree
HeapAlloc
ExitProcess
GetLocalTime

user32

LoadIconA
SetRectEmpty
SetCursor
GetCursorPos
GetClipboardData
GetCaretBlinkTime
SetCapture
ReleaseCapture
SetFocus
InflateRect
ShowWindow
GetMenu
AdjustWindowRectEx
GetClientRect
ChangeDisplaySettingsA
PostMessageA
GetKeyState
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
UpdateWindow
GetAsyncKeyState
SendMessageA
SetCursorPos
ClientToScreen
IntersectRect
OffsetRect
MessageBoxA
EnumDisplaySettingsA
PostQuitMessage
PtInRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadCursorA
SetForegroundWindow
DialogBoxParamA
EndDialog
GetWindowRect
GetSystemMetrics
SetWindowPos
MoveWindow
DefWindowProcA
GetWindowLongA
SystemParametersInfoA
SetWindowLongA
CreateWindowExA
RegisterClassExA
IsIconic

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
SetTextColor
TextOutA
GetPixel
DeleteObject
DeleteDC
CreateFontIndirectA
GetClipBox
GetDeviceCaps
GetGlyphOutlineA
GetTextMetricsA

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

iphlpapi

GetAdaptersInfo

d3d8

Direct3DCreate8

dsound

ord11

winmm

timeGetTime

ws2_32

WSAStartup
WSACleanup
gethostbyname
inet_addr
setsockopt
getsockopt
closesocket
bind
htons
htonl
socket
connect
WSAGetLastError
recv
send
shutdown

imm32

ImmReleaseContext
ImmGetContext
ImmAssociateContext

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f185e018944258698b6ecd32e3e5002

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

iphlpapi

d3d8

dsound

winmm

ws2_32

imm32

ole32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 320KB - Virtual size: 319KB

.data Size: 164KB - Virtual size: 199KB

.tls Size: 4KB - Virtual size: 1KB

.data1 Size: 12KB - Virtual size: 9KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 320KB - Virtual size: 319KB

.data
Size: 164KB - Virtual size: 199KB

.tls
Size: 4KB - Virtual size: 1KB

.data1
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB