7b6e2fbcec55231d8ac3c21b6942f1c86fc527d4fbbb665eff3efb696e966ac6

Sharing

Copy URL Twitter E-mail

General

Target

7b6e2fbcec55231d8ac3c21b6942f1c86fc527d4fbbb665eff3efb696e966ac6
Size

1.8MB
MD5

54de3bf7bb31770bc225ccc104fe696f
SHA1

e2ab183574ddc1d75ff776dcb81d19780ade0ea4
SHA256

7b6e2fbcec55231d8ac3c21b6942f1c86fc527d4fbbb665eff3efb696e966ac6
SHA512

62545300a9581dbfc8f996927e822f7b6862cce7db27602871f35e5d1448afc49cc4e58e475b5d902cc52d8251fb5eaf07fed3d37aff41b9e33a97af183fe195
SSDEEP

24576:+SMzVgMZObcHFwfkj5WB5r9gRHriRjr/8+yjTpKHmB0AM/RFNVqM73BPbXTFe:+S8qkcGHMEPB0AM/RDH3pzTk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b6e2fbcec55231d8ac3c21b6942f1c86fc527d4fbbb665eff3efb696e966ac6

Files

7b6e2fbcec55231d8ac3c21b6942f1c86fc527d4fbbb665eff3efb696e966ac6
.exe windows:4 windows x86

0fe74064e7cb2883a977005d82c621f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CreateFileW
GetFileTime
DeleteFileW
GetLocalTime
WideCharToMultiByte
Sleep
ResetEvent
CreateEventW
CreateMutexW
GlobalMemoryStatusEx
GetCurrentThreadId
ReleaseMutex
GetModuleHandleW
CreateProcessW
SystemTimeToTzSpecificLocalTime
CopyFileW
FileTimeToSystemTime
GetModuleFileNameW
MoveFileW
LocalFree
SetEvent
CreateFileA
GetFileSize
MapViewOfFile
UnmapViewOfFile
WriteFile
ReadFile
GetLastError
CreateFileMappingW
ExitProcess
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSection
LoadLibraryA
FlushFileBuffers
SetStdHandle
MoveFileExW
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
CompareStringW
CompareStringA
GetModuleFileNameA
GetStdHandle
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
RaiseException
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetStartupInfoW
GetProcessHeap
GetVersionExA
InterlockedDecrement
RtlUnwind
HeapAlloc
SetEndOfFile
SetFilePointer
MultiByteToWideChar
CreateDirectoryW
CreateThread
CloseHandle
SetThreadPriority
WaitForSingleObject
GetTickCount
FindNextFileW
FindClose
FindFirstFileW
HeapFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetSystemTimeAsFileTime

user32

OpenClipboard
CloseClipboard
wsprintfW
PostMessageW
SetWindowTextW
LoadStringW
GetDlgItem
KillTimer
SetTimer
SetCursor
GetSystemMetrics
ReleaseCapture
GetCursorPos
ReleaseDC
GetDC
SetClipboardData
EmptyClipboard
DrawTextW
GetClientRect
CreateMenu
AppendMenuW
InsertMenuW
EndPaint
DestroyWindow
TranslateAcceleratorW
GetWindowRect
GetMessageW
PostQuitMessage
GetKeyState
GetSubMenu
DialogBoxParamW
LoadCursorW
SetFocus
GetMenuItemInfoW
BeginPaint
PtInRect
TranslateMessage
LoadAcceleratorsW
GetMenu
RegisterClassExW
LoadIconW
GetWindowPlacement
TrackPopupMenuEx
InvalidateRect
LoadMenuW
GetWindowLongW
GetWindowTextW
PeekMessageW
EnableMenuItem
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
ShowWindow
SetMenu
IsDlgButtonChecked
CreateDialogParamW
DrawMenuBar
GetMenuItemCount
CreateWindowExW
SendMessageW
UpdateWindow
EnableWindow
DestroyMenu
SetMenuItemInfoW
DefWindowProcW
CheckMenuItem
MoveWindow
DispatchMessageW
MessageBoxW
ClientToScreen
ScreenToClient
FillRect
SetCapture

gdi32

BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Ellipse
CreatePen
GetStockObject
SetDIBitsToDevice
DeleteObject
CreateSolidBrush
SetBkMode

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegGetValueW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHCreateDirectoryExW
SHFileOperationW
SHOpenFolderAndSelectItems
DragQueryFileW
SHParseDisplayName
SHChangeNotify
DragAcceptFiles
ShellExecuteW
CommandLineToArgvW
SHBrowseForFolderW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
CoCreateInstance

winmm

timeKillEvent
timeSetEvent

wininet

InternetCloseHandle
InternetSetOptionW
InternetReadFile
InternetOpenW
InternetQueryDataAvailable
InternetOpenUrlW

shlwapi

PathRenameExtensionW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fe74064e7cb2883a977005d82c621f4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

wininet

shlwapi

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 452KB - Virtual size: 448KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 88KB - Virtual size: 85KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 452KB - Virtual size: 448KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 88KB - Virtual size: 85KB