Static task: static1
Behavioral task: behavioral1
Sample: 7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80.exe
Resource: win10v2004-20230703-en
General
Target: 7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80
Size: 268KB
MD5: 035dad0d0feb929738bbcec0d86a10ff
SHA1: e7b27c7d5da535bfb2aac604a2d283a250114355
SHA256: 7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80
SHA512: a65a067ef7ae0d12e8c69bb7cef3f990c7566ae82de47362b513617ee2ab26fd6f83905c465a8fcd76dbc0ee2d0de232bd767cc8084baa87694a9b621d5dabdf
SSDEEP: 6144:OrpSqkKbBdglHu3jnEXCy0G8oRi9tK1c4Cgh+RsQ:opSqvbTwwGi9tUc4CRR5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80
Files
7f9287588440314fadee3c57d88ff96ab2ae25a618c9c921520b1154adc21e80.exe windows x86
7a426673af9cbbcc3ce56f9ae6893a67
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
MoveFileExA
Sleep
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
GetLastError
SetLastError
SleepEx
WaitForSingleObject
GetProcAddress
VerSetConditionMask
VerifyVersionInfoW
SetEnvironmentVariableA
CompareStringW
CreateFileW
GetDriveTypeW
GetStringTypeW
LCMapStringW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
FindClose
CloseHandle
WriteConsoleW
LoadLibraryW
HeapSize
GetTimeZoneInformation
RtlUnwind
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetProcessHeap
SetEndOfFile
SetStdHandle
FlushFileBuffers
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
ReadFile
GetCurrentProcessId
HeapCreate
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetFileType
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
GetFileAttributesA
ExitThread
GetCurrentThreadId
CreateThread
GetTimeFormatA
GetDateFormatA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DeleteFileA
user32
DispatchMessageA
DefWindowProcA
CreateWindowExA
RemoveClipboardFormatListener
SetWindowLongA
TranslateMessage
SetTimer
GetMessageA
AddClipboardFormatListener
advapi32
CryptEncrypt
CryptImportKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptGenRandom
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey
ws2_32
socket
WSAIoctl
setsockopt
select
__WSAFDIsSet
htonl
htons
WSAGetLastError
closesocket
bind
WSASetLastError
WSACloseEvent
send
getsockopt
WSAStartup
recv
getsockname
connect
getpeername
accept
listen
freeaddrinfo
getaddrinfo
ioctlsocket
ntohs
Sections
.text Size: 215KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ