7f886dbbff4d49c4fa19e9ffa30a853591adf24a13b153739b133567dbccd436

Sharing

Copy URL Twitter E-mail

General

Target

7f886dbbff4d49c4fa19e9ffa30a853591adf24a13b153739b133567dbccd436
Size

1.6MB
MD5

e004edf80d1b13ac72441d57426f6062
SHA1

f4429483caaefaac1e9e1efe9f6eb146f47e57c5
SHA256

7f886dbbff4d49c4fa19e9ffa30a853591adf24a13b153739b133567dbccd436
SHA512

7890d29a4124f27860dd2641e47ac865a811ad44b671f9f218a372fedf5f775bb091bf2da73bf84483319c3fc601ad482e315e87c4d93be4f53292bf0c624e42
SSDEEP

24576:i9uSNhNvULeti5//yrwfRiTxqaAyk7V5jM7g66Rku2ur5dSMbP9zrwocFFzwfsgr:ocN/yrSuqa0J51B2KblzfcLSsgr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f886dbbff4d49c4fa19e9ffa30a853591adf24a13b153739b133567dbccd436

Files

7f886dbbff4d49c4fa19e9ffa30a853591adf24a13b153739b133567dbccd436
.exe windows x86

a691276c66dddad904babeada255ae56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
TerminateThread
WaitForSingleObjectEx
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
MulDiv
InitializeCriticalSectionEx
FreeResource
GetACP
ExitProcess
GetFileType
DosDateTimeToFileTime
GetCommandLineW
GetDiskFreeSpaceExW
WriteConsoleW
HeapSize
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
FindFirstFileExW
HeapReAlloc
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetLocaleInfoW
LCMapStringW
CompareStringW
FreeLibraryAndExitThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
RtlUnwind
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
GetModuleHandleA
SetLastError
GetCPInfo
LCMapStringEx
DecodePointer
EncodePointer
GetStringTypeW
GetSystemTimeAsFileTime
CreateEventW
DuplicateHandle
GetModuleHandleExW
ExpandEnvironmentStringsW
IsValidCodePage
IsValidLocale
GetUserDefaultLCID
TerminateProcess
GetCurrentProcessId
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
CreateMutexA
LocalAlloc
FormatMessageA
GetLocalTime
SetFilePointer
MultiByteToWideChar
GetVersionExW
FindResourceExW
LoadLibraryExW
EnumResourceLanguagesW
GetSystemDefaultLangID
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
InitializeCriticalSection
SizeofResource
LoadResource
LockResource
FindResourceW
HeapFree
GetProcessHeap
HeapAlloc
FlushFileBuffers
MoveFileW
DeleteFileW
MoveFileExW
VirtualFree
VirtualAlloc
GetFileSize
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
ReadFile
GetFileSizeEx
WriteFile
SetFilePointerEx
GetModuleHandleW
CreateFileW
LocalFree
GetModuleFileNameW
GetCurrentThreadId
GetCurrentDirectoryW
CloseHandle
GetLastError
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FindNextFileW
FindClose
FindFirstFileW
LeaveCriticalSection
Sleep
TryEnterCriticalSection
GetTickCount
EnterCriticalSection
DeleteCriticalSection

user32

GetCaretBlinkTime
GetUpdateRect
SetTimer
UpdateLayeredWindow
DestroyWindow
GetDC
DrawTextW
SetRect
CharPrevW
GetWindowRgn
OffsetRect
KillTimer
IsRectEmpty
UnionRect
ReleaseDC
InflateRect
ReleaseCapture
FillRect
InvalidateRect
InvalidateRgn
DefWindowProcW
GetClientRect
CreateAcceleratorTableW
BeginPaint
EndPaint
ShowWindow
MoveWindow
IntersectRect
PtInRect
SetCursor
LoadCursorW
CharNextW
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetParent
SendMessageW
GetCursorPos
ScreenToClient
SetFocus
FindWindowW
IsWindow
GetWindowRect
SetWindowTextW
EnableWindow
GetWindowLongW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
GetFocus
GetPropW
SetPropW
CallWindowProcW
RegisterClassExW
SetForegroundWindow
IsIconic
SetWindowRgn
PostMessageW
IsZoomed
MessageBoxW
BringWindowToTop
SetCapture
GetClassInfoExW
RegisterClassW
GetSystemMetrics
LoadImageW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
GetWindow
CreateWindowExW
GetCaretPos
GetKeyState
GetSysColor
ClientToScreen
SetCaretPos
HideCaret
ShowCaret
CreateCaret

gdi32

RestoreDC
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
CreateRoundRectRgn
CreateSolidBrush
SetTextColor
SetBkMode
DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
StretchBlt
SetStretchBltMode
CreatePenIndirect
MoveToEx
Rectangle
RoundRect
GetObjectA
SetBkColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
CreateRectRgn
PtInRegion
LineTo
GetTextMetricsW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
IsValidSid
ConvertStringSidToSidW
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
GetLengthSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
RegSetValueExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

CoInitialize
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
OleLockRunning

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW

gdiplus

GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetTextRenderingHint
GdipFillRectangleI
GdipDeleteBrush
GdipCreateSolidFill
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipImageGetFrameDimensionsCount
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageHeight
GdipGetImageWidth
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

comctl32

_TrackMouseEvent
ord17

Sections

.text
Size: 497KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 998KB - Virtual size: 997KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a691276c66dddad904babeada255ae56

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

imm32

comctl32

Sections

.text Size: 497KB - Virtual size: 496KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 998KB - Virtual size: 997KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 497KB - Virtual size: 496KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 998KB - Virtual size: 997KB

.reloc
Size: 26KB - Virtual size: 26KB