Static task
static1
Behavioral task
behavioral1
Sample
ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736.exe
Resource
win10v2004-20241007-en
General
Target
ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736
Size
89KB
MD5
207a6e9ff97637d497d002580c228ec4
SHA1
90be55b74c9e9c0994e306b242ddd6e1db58b1f8
SHA256
ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736
SHA512
419e084650f6fdfbb3444c7f7a8456fac9c837b165a553e6ec75e50e0a3d100cd5c8fab36840c1b5f46b24029c2c7a4e76dd18bc84486c7d23100473917b4542
SSDEEP
1536:TDXe8cFTtMvJBGFt70SQiVUjoqBL3hm/vQM3t0KKGEFBsCS:TDXe8AhuJBGncqUjoIbhktKGEFBsb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736
Files
ba4602c4ca21b3795263eefab24a4eb8a9c48afa63c7080e458e39d81b56a736.exe windows:5 windows x86 arch:x86
eb81d281e37d041fa8b65df01d2d7a00
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
user32
DialogBoxParamA
DialogBoxParamW
EnableWindow
EndDialog
GetActiveWindow
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetParent
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextW
IsDlgButtonChecked
IsWindow
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
LoadStringW
MessageBoxA
MessageBoxW
MoveWindow
OffsetRect
PostMessageA
CharUpperBuffW
CheckDlgButton
SendMessageA
SendMessageW
SetCursor
SetFocus
SetWindowLongA
SetWindowTextA
SetWindowTextW
ShowWindow
wsprintfA
gdi32
DeleteDC
DeleteMetaFile
CloseMetaFile
GetDeviceCaps
CreateDCA
LPtoDP
RestoreDC
SaveDC
SetMapMode
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
CreateRectRgnIndirect
advapi32
CreateServiceW
DeleteService
DeregisterEventSource
GetAce
GetFileSecurityW
GetPrivateObjectSecurity
GetSecurityDescriptorDacl
GetSecurityDescriptorLength
GetSidIdentifierAuthority
GetTokenInformation
GetUserNameW
InitializeSecurityDescriptor
IsValidSecurityDescriptor
MakeSelfRelativeSD
OpenProcessToken
OpenSCManagerW
OpenServiceW
OpenThreadToken
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
AccessCheck
RegSetValueExW
RegisterEventSourceW
RegisterServiceCtrlHandlerExW
ReportEventW
ChangeServiceConfigW
SetFileSecurityW
SetPrivateObjectSecurity
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetServiceStatus
CloseServiceHandle
WmiCloseBlock
WmiOpenBlock
WmiReceiveNotificationsW
Sections
.text Size: 4KB - Virtual size: 796B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 482B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ