7zFM[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7zFM.exe
Size

935KB
MD5

d36deceeb4c9645aab2ded86608d090b
SHA1

912f4658c4b046fbadd084912f9126cb1ae3737b
SHA256

018d74ff917692124dee0a8a7e6302aecd219d79b049ad95f2f4eedea41b4a45
SHA512

9752a9e57dd2e6cd454ba6c2d041d884369734c2b62c53d3ec4854731c398cd6e25ac75f7a55cda9d4b4c2efb074cb2e6efcbf3080cd8cc7d9bc8c9a25f62ff2
SSDEEP

24576:5OvJSNnDpWfp0sgz7P7wqN9gEc1MM9QQc:5AJSNnDpWfp8z/wqN9luMM

Score

1^/10

Malware Config

Signatures

Files

7zFM.exe
.exe windows x64

3b2ad7c424fbd96489e02fa44b3d6025

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
CreateToolbarEx
CreateStatusWindowW
ord17
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
PropertySheetW

comdlg32

GetOpenFileNameW
CommDlgExtendedError

gdi32

DeleteObject

oleaut32

SysStringByteLen
SysAllocString
VariantCopy
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString

ole32

CoUninitialize
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
RegisterDragDrop
RevokeDragDrop
OleUninitialize
OleInitialize
DoDragDrop
CoCreateInstance
CoInitialize

user32

SetDlgItemTextW
CharUpperW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetMenuItemInfoW
SetMenuItemInfoW
InsertMenuItemW
LoadStringW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
GetParent
GetWindowRect
ScreenToClient
MoveWindow
ShowWindow
SetWindowLongPtrW
GetWindowLongPtrW
GetDlgItem
MapDialogRect
SystemParametersInfoW
GetMonitorInfoA
MonitorFromWindow
GetDialogBaseUnits
DialogBoxParamW
DestroyIcon
SetCursor
KillTimer
ClientToScreen
GetMenuItemCount
GetCursorPos
TrackPopupMenuEx
RegisterClipboardFormatW
ChildWindowFromPointEx
WindowFromPoint
IsWindowEnabled
MapVirtualKeyW
SetTimer
UpdateWindow
GetMenu
LoadMenuW
SetMenu
DrawMenuBar
EnableMenuItem
CheckMenuItem
CheckMenuRadioItem
RemoveMenu
AppendMenuW
GetSubMenu
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
CreateWindowExW
LoadIconW
ReleaseCapture
SetCapture
GetCapture
IsZoomed
GetClientRect
PostQuitMessage
GetWindowPlacement
SetWindowPlacement
GetFocus
DispatchMessageW
GetKeyState
PostMessageW
InvalidateRect
EndDialog
EnableWindow
SetFocus
DestroyWindow
SetWindowTextW
LoadBitmapW
DestroyMenu
CreatePopupMenu
MessageBoxW
GetClassInfoW
LoadCursorW
RegisterClassW
DefWindowProcW
CallWindowProcW

advapi32

LsaAddAccountRights
LookupAccountNameW
LsaOpenPolicy
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
LsaClose

shell32

DragQueryFileW
SHGetSpecialFolderLocation
SHChangeNotify
SHFileOperationW
SHGetDesktopFolder
ShellExecuteExW
SHGetFileInfoW
SHBrowseForFolderW
SHGetMalloc
ExtractIconExW
SHGetPathFromIDListW
ShellExecuteW
DragFinish

msvcrt

__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__dllonexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
__C_specific_handler
_beginthreadex
wcscat
memcmp
_purecall
strlen
wcslen
memset
rand
free
_onexit
malloc
memcpy
_CxxThrowException
__CxxFrameHandler
memmove
strcmp
wcscmp
wcsstr
srand

kernel32

ExpandEnvironmentStringsW
SetPriorityClass
Sleep
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GlobalSize
GetSystemDefaultLangID
GetUserDefaultLangID
CopyFileW
GetCompressedFileSizeW
FindNextChangeNotification
GetCommandLineW
GetVersionExW
OutputDebugStringW
AreFileApisANSI
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatusEx
lstrlenW
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
CreateProcessW
GetCurrentProcess
GlobalFree
GlobalAlloc
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeviceIoControl
GetLogicalDriveStringsW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileAttributesW
VirtualAlloc
FindNextFileW
FindFirstFileW
FindClose
GetFileInformationByHandle
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetTempPathW
GetCurrentDirectoryW
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
GetWindowsDirectoryW
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
FreeLibrary
GlobalUnlock
GlobalLock
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
GetDiskFreeSpaceW
GetDriveTypeW
GetVolumeInformationW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
SetEvent
InitializeCriticalSection
LoadLibraryA
LocalAlloc
RaiseException
GetStartupInfoA
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
GetModuleHandleA
VirtualFree
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetTickCount
RtlCaptureContext

Sections

.text
Size: 597KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b2ad7c424fbd96489e02fa44b3d6025

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

oleaut32

ole32

user32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 597KB - Virtual size: 596KB

.rdata Size: 225KB - Virtual size: 225KB

.data Size: 512B - Virtual size: 4KB

.pdata Size: 56KB - Virtual size: 55KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 597KB - Virtual size: 596KB

.rdata
Size: 225KB - Virtual size: 225KB

.data
Size: 512B - Virtual size: 4KB

.pdata
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 7KB - Virtual size: 6KB