ba88b990778790fc7646066a0246a760N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ba88b990778790fc7646066a0246a760N.exe
Size

624KB
MD5

ba88b990778790fc7646066a0246a760
SHA1

f899f4e21595f91081769ae8a799021df7d87a89
SHA256

925b1c6e34e452ced4a6ab8ccdeebac5bbfeffabe2a0a669bd3ca0c491457e2e
SHA512

05474ed3ea923d29913fbc6bb2556864bc3da4f2bf39f1b04fce55b9db52137923b3f40d14df256270a5edab5481a301663abb2170a8cadb1bf60f221916f265
SSDEEP

12288:bIWN4Y2CAdwp/zWIWN4Y2CAdwp/zWIWN4Y2CAdwp/z:b5GYswp/C5GYswp/C5GYswp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba88b990778790fc7646066a0246a760N.exe

Files

ba88b990778790fc7646066a0246a760N.exe
.exe windows:4 windows x86 arch:x86

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
DosDateTimeToFileTime
GetLogicalDriveStringsA
CreateNamedPipeW
GetModuleHandleA
SetCalendarInfoA
MultiByteToWideChar
GetVersionExA
TlsAlloc

user32

GetClassNameA
GetMenuItemInfoW
GetTopWindow
GetDlgItem
SetDlgItemTextW
SetActiveWindow
CloseWindow
LoadMenuA
IsWindow
GetWindowRect
UnregisterClassW
DeleteMenu
RegisterClassW
CreateAcceleratorTableA
WinHelpW
CreateWindowExA
CreatePopupMenu
InsertMenuItemA
EnableWindow
CreateDialogIndirectParamW
GetForegroundWindow
SendDlgItemMessageA
CheckMenuItem
ClientToScreen
SendMessageA
wvsprintfA
GetSysColorBrush
InvalidateRgn
MessageBeep
GetScrollPos
InvalidateRect
DefDlgProcA
ActivateKeyboardLayout
TrackPopupMenuEx
GetDCEx
CallWindowProcA
SetWindowRgn

gdi32

CreateEnhMetaFileA
ResetDCA
GetCharWidthW
CreateEnhMetaFileW
GetLayout
PolylineTo
GetColorSpace
GetTextExtentExPointW

advapi32

RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyExW
RegOpenKeyW
RegReplaceKeyA

shlwapi

PathRemoveBackslashA
DllGetVersion
PathBuildRootA
SHDeleteValueW
StrStrNW
PathCommonPrefixW
SHRegSetUSValueW
PathRemoveBlanksA
StrRChrIA
SHCreateStreamOnFileEx
UrlGetLocationA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW

oleaut32

VarI4FromUI1
VarBstrFromR8
VarUI1FromR8
VarUI1FromStr
VarDateFromDisp
VarIdiv
VectorFromBstr

Sections

.FrbNhz
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oMkBIA
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsUsFU
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kJecJt
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bl
Size: 5KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

oleaut32

Sections

.FrbNhz Size: 11KB - Virtual size: 10KB

.oMkBIA Size: 3KB - Virtual size: 26KB

.YsUsFU Size: 2KB - Virtual size: 51KB

.kJecJt Size: 13KB - Virtual size: 12KB

.bl Size: 5KB - Virtual size: 296KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 964B

.FrbNhz
Size: 11KB - Virtual size: 10KB

.oMkBIA
Size: 3KB - Virtual size: 26KB

.YsUsFU
Size: 2KB - Virtual size: 51KB

.kJecJt
Size: 13KB - Virtual size: 12KB

.bl
Size: 5KB - Virtual size: 296KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 964B