07382799[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

07382799.exe
Size

280KB
MD5

edd7a751b4676dcd2065d7d44dd4c902
SHA1

402314bcc3b1841509e2e357023b688697b04e62
SHA256

5bc2d85780a31474c02e92a9a5ea73a82c8eeafe483197cddf1d2ffee473266b
SHA512

d38eb6b5bbda2ae05bbfb7d81a3de16075e7720b623418e0a3ef4f5d63487cb77f59ed8ccc3ba5dfbd7d01877d0d24d5b46a5bda64f1d7d5686ed167d2a54667
SSDEEP

1536:Gt1O18Sx/hizKBQPl5SSZGKwnGyf6U9CDoflCZqXhi:+O18Sx5i2PEVIGyf6yCDodCZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07382799.exe

Files

07382799.exe
.exe windows x86

30917b9b1ceb611d8d31e9fba9e6682b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

user32

MoveWindow
LoadImageA
SetTimer
KillTimer
GetDC
ReleaseDC
SetCursor
GetDlgItemTextA
SetDlgItemTextA
EndDialog
GetDlgItemInt
SetDlgItemInt
BeginPaint
EndPaint
GetClientRect
ClientToScreen
SetRect
AdjustWindowRect
GetWindowRect
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMenu
PostQuitMessage
InvalidateRect
CheckMenuRadioItem
DialogBoxParamA
CheckMenuItem
DefWindowProcA
MessageBoxA
LoadAcceleratorsA
ShowWindow
UpdateWindow
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA

gdi32

CreateCompatibleDC
BitBlt
DeleteDC
CreateFontA
SetTextColor
SetBkMode
SelectObject
TextOutA
DeleteObject
GetStockObject

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

kernel32

GetACP
GetLastError
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
CompareStringA
GetCPInfo
SetFilePointer
CloseHandle
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetCurrentProcess
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
HeapDestroy
GetFileType
CompareStringW
SetEnvironmentVariableA
VirtualFree
HeapCreate
FreeEnvironmentStringsW
GetModuleHandleA
GetProcAddress
LoadLibraryA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30917b9b1ceb611d8d31e9fba9e6682b

Headers

File Characteristics

Imports

ddraw

user32

gdi32

advapi32

shell32

kernel32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 212KB - Virtual size: 212KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 212KB - Virtual size: 212KB