7c6a5aea04e048bf381da0f3a796d59834f00b4a23397cff4a1d6e7a0cb7f1f8

Sharing

Copy URL Twitter E-mail

General

Target

7c6a5aea04e048bf381da0f3a796d59834f00b4a23397cff4a1d6e7a0cb7f1f8
Size

343KB
MD5

b46d2da008fd3e6e21c337fe78a4e2e9
SHA1

aaae2f76c7916d838093b3a14a3d5d7085d5c953
SHA256

7c6a5aea04e048bf381da0f3a796d59834f00b4a23397cff4a1d6e7a0cb7f1f8
SHA512

dc6d500f480453ecfd6cfe5928fa82dbbec758e3894516fee4e395e8629a954ae48f816392419c007ed578d5a22c61c3687068313d0fd3caa04322e441d978a3
SSDEEP

6144:P9frkhIF5I3UNLE/X8x8kdalZTWE4uEYKudui/tdkzw3zAOFGuWQB:PFrUIc0aWE4u13d3tnzzWQB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c6a5aea04e048bf381da0f3a796d59834f00b4a23397cff4a1d6e7a0cb7f1f8

Files

7c6a5aea04e048bf381da0f3a796d59834f00b4a23397cff4a1d6e7a0cb7f1f8
.exe windows:5 windows x86

ffabc5d390c8cf9346561e70ace1f761

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentDirectoryW
CreateFileW
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
GetEnvironmentStringsW
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetDriveTypeW
GetFileAttributesExW
CreateDirectoryW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetStringTypeW
GetFileType
LCMapStringW
GetStdHandle
ExitProcess
GetCommandLineW
GetModuleHandleExW
HeapQueryInformation
RtlUnwind
OutputDebugStringW
GetCurrentProcess
WriteFile
SetEndOfFile
ReadFile
GetFullPathNameA
FlushFileBuffers
FindClose
GetCPInfo
GetOEMCP
CompareStringW
SetEvent
GlobalFlags
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FormatMessageA
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
lstrcpyA
lstrcmpA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
lstrlenA
CopyFileA
DeleteFileA
MultiByteToWideChar
GetFileAttributesA
GetModuleFileNameA
CloseHandle
GetLastError
CreateMutexA
WriteConsoleW
GetCommandLineA
FindResourceW
LoadResource
LockResource
SizeofResource
FreeEnvironmentStringsW
WideCharToMultiByte

user32

ClientToScreen
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
SetWindowTextA
IsWindowEnabled
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
GetMenuCheckMarkDimensions
RedrawWindow
ValidateRect
EndPaint
GetClientRect
SetRectEmpty
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
SetMenuItemInfoA
LoadBitmapW
RealChildWindowFromPoint
DestroyMenu
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
SendMessageA
GetScrollPos
GetWindowTextA
GetWindowLongA
GetWindow
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
PostQuitMessage
DestroyWindow
SetWindowPos
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos

gdi32

Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
DeleteObject
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shlwapi

PathRemoveFileSpecA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffabc5d390c8cf9346561e70ace1f761

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 233KB - Virtual size: 233KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 5KB - Virtual size: 15KB

.gfids Size: 2KB - Virtual size: 1KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 233KB - Virtual size: 233KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 5KB - Virtual size: 15KB

.gfids
Size: 2KB - Virtual size: 1KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 12KB - Virtual size: 12KB