ba8527bf9da5e7e25c836c9a5801a454d61f709412b6070f7bd058abb039565c

General

Target

ba8527bf9da5e7e25c836c9a5801a454d61f709412b6070f7bd058abb039565c
Size

212KB
MD5

13d8e1764ccc818f4c81cb17803a9a8a
SHA1

1e210ebf45655b809b4a9630fd6add486aa470e9
SHA256

ba8527bf9da5e7e25c836c9a5801a454d61f709412b6070f7bd058abb039565c
SHA512

7c9cfac1124f69b35d62ea0da97d078f0f25162fb39c2d4c4ba3fb74d96462fda1192b35d48aafc4e7072f85ca562f24c2dcd568f1d0eccfb1b17a7d7652802d
SSDEEP

6144:5zR2XCS9NvTVIUHyDH7+HNKNjMpyb6V3+9wDOaHK:5l2VNvHy+tKNjMzgWDhq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba8527bf9da5e7e25c836c9a5801a454d61f709412b6070f7bd058abb039565c

Files

ba8527bf9da5e7e25c836c9a5801a454d61f709412b6070f7bd058abb039565c
.exe windows:5 windows x86 arch:x86

eb332fa6c9f32efa0d5f1e1dac137bd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?GetStandardInput@PROGRAM@@UAEPAVSTREAM@@XZ
?Fatal@PROGRAM@@UBEXXZ
??1PATH_ARGUMENT@@UAE@XZ
??0PATH@@QAE@XZ
?IsValueSet@ARGUMENT@@QAEEXZ
??1ARGUMENT_LEXEMIZER@@UAE@XZ
??0LONG_ARGUMENT@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
?Initialize@PATH_ARGUMENT@@QAEEPADE@Z
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?DisplayMessage@PROGRAM@@UBEEKW4MESSAGE_TYPE@@@Z

kernel32

GetVersionExA
GetCommandLineA
GetModuleHandleA
LoadLibraryA
GetFileType
lstrcatW
LocalAlloc
lstrcpyA
InterlockedIncrement
GetStartupInfoA
GetSystemDirectoryW
GetStartupInfoW
CreateEventW
CreateFileA
InitializeCriticalSection
lstrlenA
GetVersion

ntdll

NtOpenKey
RtlFreeUnicodeString
NtWriteFile
NtQueryValueKey
RtlAnsiStringToUnicodeString
RtlOemToUnicodeN
_allmul
NtQueryInformationFile
RtlEnumerateGenericTableWithoutSplaying
RtlInitializeGenericTable
RtlFindMessage
wcsstr
RtlInitializeBitMap
RtlCopySid
RtlSizeHeap
NtShutdownSystem
RtlNormalizeProcessParams

msvcrt

exit
__mb_cur_max
_pctype
wcslen
time
fputs
_adjust_fdiv
__winitenv
__initenv
_stricmp
_XcptFilter
_acmdln
printf
__p__fmode
??3@YAXPAX@Z
_strnicmp

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb332fa6c9f32efa0d5f1e1dac137bd0

Headers

File Characteristics

Imports

ulib

kernel32

ntdll

msvcrt

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 19KB - Virtual size: 72KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 19KB - Virtual size: 72KB