Static task
static1
Behavioral task
behavioral1
Sample
7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e.exe
Resource
win10v2004-20230703-en
General
Target: 7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e
Size: 4.5MB
MD5: 4414e77b80e1f04ebe6401ae98217462
SHA1: d86a8c536a03f95867c59b311923067206edf0e8
SHA256: 7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e
SHA512: b30aec61161382d9b94ec54397224c85acd7cce496f5c90f84667bacb3a747678d8839834aa303ea1e51069ac296be0f992da58e482620d975c1f599990c1495
SSDEEP: 98304:RdN24l6IX0Lhwamr93Xw5pHj50nCZQoIFZlzv2XO/:d4CchcX1FZlzv2X0
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e
Files
7bfe261d3e7f2713fc96fc7300f33bb33669e470f4c4fcfbc2f362d70d2bc44e.exe (windows x86) 9bcaff057794c5d4f4418c7d8dff523c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDevicePropertyW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
hid
HidD_GetHidGuid
HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetSerialNumberString
d3d11
D3D11CreateDevice
kernel32
SearchPathA
GetTickCount64
GetProfileIntA
GetTempFileNameA
GetUserDefaultLCID
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CreateProcessW
GetExitCodeProcess
GetFileAttributesExW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
SetFilePointerEx
GetConsoleOutputCP
ReadConsoleW
SetStdHandle
HeapQueryInformation
MoveFileExW
DeleteFileW
GetTimeZoneInformation
PeekNamedPipe
GetFileType
GetFileInformationByHandle
CreateFileW
FreeLibraryAndExitThread
GetUserDefaultUILanguage
GetModuleHandleExW
GetCommandLineW
GetTempPathA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
GetStringTypeW
LCMapStringEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
QueryPerformanceFrequency
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
RaiseException
OutputDebugStringW
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
GetCommandLineA
GetSystemDefaultUILanguage
GetLocaleInfoW
lstrcmpiA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindClose
GetFileTime
GetACP
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
VerifyVersionInfoA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GetVersionExA
lstrcmpA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LoadLibraryExW
GetModuleFileNameW
SetLastError
GlobalSize
GetThreadPriority
SetThreadPriority
GetCurrentThread
FreeLibrary
GetProcessAffinityMask
GetModuleHandleW
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
WriteConsoleW
GetConsoleMode
CopyFileA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetEnvironmentVariableA
GetModuleFileNameA
CreateProcessA
GetStartupInfoA
SuspendThread
SetConsoleTitleA
SetCurrentConsoleFontEx
GetCurrentConsoleFont
GetStdHandle
AllocConsole
GetSystemTime
DeviceIoControl
SetFileAttributesA
GetFileAttributesA
DeleteFileA
GetModuleHandleA
GetSystemDefaultLangID
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
LoadLibraryW
MulDiv
GlobalFree
GlobalLock
GlobalAlloc
ExitProcess
WriteProcessMemory
VirtualProtect
GetProcAddress
LoadLibraryA
GetCurrentProcess
SetUnhandledExceptionFilter
CreateThread
FormatMessageA
GetCurrentProcessId
LocalFree
GetLocalTime
GetCurrentThreadId
ReadFile
WriteFile
CreateFileA
CloseHandle
GetOverlappedResult
GetProcessHeap
DecodePointer
HeapAlloc
HeapReAlloc
FreeEnvironmentStringsW
HeapSize
OutputDebugStringA
HeapFree
FindNextFileA
FindFirstFileA
GlobalUnlock
FindResourceA
CreateDirectoryA
ResumeThread
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLastError
CreateEventA
CreateMutexA
ResetEvent
ReleaseMutex
SetEvent
Sleep
WaitForSingleObject
SetEnvironmentVariableW
GetCurrentDirectoryA
lstrcpyA
VerSetConditionMask
GetCPInfo
GetOEMCP
GetCurrentDirectoryW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
ExitThread
user32
IsZoomed
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
GetSystemMetrics
NotifyWinEvent
SetWindowRgn
DestroyAcceleratorTable
MapVirtualKeyA
GetKeyNameTextA
SetRectEmpty
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawStateA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
BringWindowToTop
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
UnionRect
LoadImageW
WaitMessage
ReleaseCapture
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
SetCursor
DestroyIcon
LoadImageA
UnpackDDElParam
ReuseDDElParam
SetCapture
GetSystemMenu
DeleteMenu
MonitorFromPoint
PostQuitMessage
MessageBeep
GetMenuDefaultItem
GetDesktopWindow
UnhookWindowsHookEx
CallNextHookEx
ShowOwnedPopups
RealChildWindowFromPoint
GetSysColorBrush
CharUpperA
CopyImage
MapDialogRect
SetLayeredWindowAttributes
LoadCursorW
EnumDisplayMonitors
TrackMouseEvent
GetPropA
CopyAcceleratorTableA
GetDC
ReleaseDC
GetCursorInfo
GetIconInfo
DestroyCursor
UnregisterClassA
EnableWindow
SetRect
GetClientRect
InvalidateRect
InflateRect
PtInRect
OffsetRect
GetWindowRect
GetParent
ScreenToClient
GetAsyncKeyState
SetTimer
KillTimer
SendMessageA
IntersectRect
RedrawWindow
GetWindow
LoadCursorA
FillRect
ClientToScreen
WindowFromPoint
GetSysColor
EnumDisplayDevicesA
EnumDisplaySettingsExA
ChangeDisplaySettingsExA
SetDisplayConfig
DisplayConfigSetDeviceInfo
QueryDisplayConfig
GetMenuItemID
ModifyMenuA
GetSubMenu
LoadMenuW
LoadBitmapW
SetMenuItemBitmaps
RemoveMenu
CheckMenuItem
LoadIconA
SetForegroundWindow
GetCursorPos
RegisterHotKey
GetClassInfoA
PostMessageA
FindWindowA
EnableMenuItem
IsWindowVisible
UpdateWindow
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
SubtractRect
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetMenuItemCount
InsertMenuA
AppendMenuA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
GetActiveWindow
GetKeyState
ValidateRect
SetWindowsHookExA
LockWindowUpdate
SetParent
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
IsClipboardFormatAvailable
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
CharUpperBuffA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SetClassLongA
SetCursorPos
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
PostThreadMessageA
EnumChildWindows
RegisterClipboardFormatA
CopyIcon
FrameRect
GetNextDlgGroupItem
HideCaret
InvertRect
DrawIcon
CreateMenu
GetWindowRgn
GetUpdateRect
MapVirtualKeyExA
IsCharLowerA
GetComboBoxInfo
GetDoubleClickTime
IsChild
gdi32
CreateCompatibleBitmap
CreateFontA
SetDIBColorTable
GetDIBColorTable
GetPixel
GetTextMetricsA
GetTextColor
GetBkColor
CreateRectRgnIndirect
FillRgn
FrameRgn
CreateRoundRectRgn
GetTextExtentPoint32A
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutA
Rectangle
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CombineRgn
CreateFontIndirectA
PatBlt
SetRectRgn
DPtoLP
GetCharWidthA
StretchDIBits
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
GetRgnBox
OffsetRgn
SetPixel
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetBoundsRect
PtInRegion
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
RoundRect
GetTextFaceA
SetPixelV
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetDeviceCaps
CreateDCA
CreateBitmap
GetBitmapBits
SetBrushOrgEx
StretchBlt
DeleteDC
BitBlt
SetStretchBltMode
SelectObject
CreateCompatibleDC
DeleteObject
CreateDIBSection
ExtTextOutA
GetViewportExtEx
GetObjectA
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
shell32
SHGetSpecialFolderPathA
SHCreateDirectoryExA
Shell_NotifyIconA
Shell_NotifyIconGetRect
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
ord12
PathFileExistsA
UrlUnescapeA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
uxtheme
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
ole32
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleLockRunning
CoDisconnectObject
CoInitialize
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx
OleGetClipboard
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
SysAllocString
SysStringLen
VariantCopy
gdiplus
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipReleaseDC
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipDeleteStringFormat
GdipCreateStringFormat
urlmon
URLDownloadToFileA
dbghelp
MakeSureDirectoryPathExists
MiniDumpWriteDump
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
ws2_32
listen
accept
closesocket
connect
recv
bind
WSAStartup
setsockopt
htons
inet_addr
socket
send
wininet
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
HttpQueryInfoA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 615KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 600KB - Virtual size: 600KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ