7ebab056487746b52a727c61f9b5c3287922187955b0007e14f9106601c02298

Sharing

Copy URL Twitter E-mail

General

Target

7ebab056487746b52a727c61f9b5c3287922187955b0007e14f9106601c02298
Size

492KB
MD5

befbdf22f5c45a682400be9c335c0c3c
SHA1

93029cac81e6ebe06d1c3e038310a4d2e5f70541
SHA256

7ebab056487746b52a727c61f9b5c3287922187955b0007e14f9106601c02298
SHA512

42a72e4ded816920b3607fcf6400e7a9b5555ed0a9ab5a2770bdeb5bc46c80f53a098d4462336d2c60ed4eed737a1b9cf40a2c5dca81ccf7f1b69d00f11bb2db
SSDEEP

12288:kJhKNr9QAT3sa/WS0Of6vbulZgefQbcpgdqFxn:xr97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ebab056487746b52a727c61f9b5c3287922187955b0007e14f9106601c02298

Files

7ebab056487746b52a727c61f9b5c3287922187955b0007e14f9106601c02298
.exe windows:5 windows x64

d22d0175fad49e47eccfd6486c01eee9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comdlg32

PrintDlgW
PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

shell32

DragFinish
DragQueryFileW
ShellAboutW
SHAddToRecentDocs

user32

GetCapture
GetClientRect
GetCursorPos
GetKeyState
GetParent
GetScrollInfo
GetScrollPos
GetWindowLongPtrW
InflateRect
InvalidateRect
IsRectEmpty
IsWindow
IsWindowVisible
LoadCursorW
LoadIconW
OffsetRect
PtInRect
ReleaseCapture
ScreenToClient
SendMessageW
SetCapture
SetCursor
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetWindowLongPtrW
ShowScrollBar
TrackMouseEvent
FillRect
CheckDlgButton
CheckRadioButton
DrawFocusRect
DrawTextW
EnableWindow
EndDialog
GetDlgItem
GetDlgItemInt
GetDlgItemTextW
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindowRect
GetWindowTextW
GetWindowTextLengthW
MessageBoxW
TrackPopupMenu
SetMenu
SetForegroundWindow
SetClipboardData
RemoveMenu
PostQuitMessage
GetAsyncKeyState
LoadMenuW
IsClipboardFormatAvailable
InsertMenuW
GetWindowPlacement
GetSubMenu
GetMenuItemCount
GetMenu
GetClipboardData
FindWindowExW
EndDeferWindowPos
EnableMenuItem
EmptyClipboard
DialogBoxParamW
DestroyWindow
DestroyMenu
DeferWindowPos
CloseClipboard
CheckMenuItem
BeginDeferWindowPos
DrawIconEx
DestroyIcon
LoadImageW
UnionRect
MoveWindow
MapWindowPoints
GetDCEx
IntersectRect
EqualRect
SystemParametersInfoW
PostMessageW
DrawEdge
SetFocus
CreateDialogParamW
IsZoomed
IsIconic
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
IsDialogMessageW
GetMessageW
DispatchMessageW
DestroyAcceleratorTable
CharLowerW
InvertRect
RegisterClassExW
CreateWindowExW
ReleaseDC
LoadStringW
GetDC
CopyImage
wsprintfW
ShowWindow
SetWindowTextW
SetWindowPos
SetDlgItemTextW
SetDlgItemInt
EndPaint
DefWindowProcW
ClientToScreen
CallWindowProcW
BeginPaint
OpenClipboard
IsDlgButtonChecked

gdi32

DeleteEnhMetaFile
GetTextMetricsW
CreateFontIndirectW
SetROP2
SetBkColor
SaveDC
RoundRect
RestoreDC
Rectangle
Polyline
Polygon
PolyBezier
MaskBlt
IntersectClipRect
GetROP2
GetBkColor
GdiTransparentBlt
ExtFloodFill
Ellipse
CreateBrushIndirect
SetPixelV
SetDIBits
PlayEnhMetaFile
GetPixel
GetObjectW
GetEnhMetaFileHeader
GetDIBits
GetDIBColorTable
GetDeviceCaps
CreateSolidBrush
CreateDIBSection
CreateBitmap
EnumFontFamiliesW
StretchBlt
SetTextColor
SetBkMode
SelectObject
MoveToEx
LineTo
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateCompatibleDC
BitBlt

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

comctl32

ImageList_LoadImageW
ImageList_AddMasked
ImageList_Create
InitCommonControlsEx

msvcrt

memcpy
vswprintf
__lconv_init
signal
__CxxFrameHandler
_itow
_itoa
_exit
wcscpy
strlen
strcat
strcpy
raise
_vsnwprintf
_snwprintf
_onexit
__dllonexit
_unlock
_lock
calloc
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
??3@YAXPEAX@Z
srand
atan2
??2@YAPEAX_K@Z
__wargv
__argc
rand
tan
_vsnprintf
_snprintf
labs
abs
wcsrchr
wcschr
memcmp
??_V@YAXPEAX@Z
??_U@YAPEAX_K@Z
_vscwprintf
realloc
free
_wtoi
wcstod
_wcsicmp
wcslen
wcscmp
wcscat
memmove
_CxxThrowException
_purecall
memset

kernel32

DeleteCriticalSection
EnterCriticalSection
TlsGetValue
GetLastError
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
WriteFile
OutputDebugStringW
OutputDebugStringA
LoadLibraryExW
IsDebuggerPresent
GetStdHandle
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetSystemDirectoryW
MulDiv
WideCharToMultiByte
lstrlenW
lstrcpynW
GetTempPathW
GetTempFileNameW
DeleteFileW
CopyFileW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrcmpW
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetProcAddress
GetFullPathNameW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeFormatW
GetDateFormatW
SizeofResource
LockResource
LoadResource
FindResourceW
VirtualFree
VirtualAlloc
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleExW
FreeLibrary

shlwapi

PathRemoveExtensionW
PathCompactPathExW
PathFileExistsW
PathFindFileNameW
PathFindExtensionW

ntdll

RtlAssert

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d22d0175fad49e47eccfd6486c01eee9

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

shell32

user32

gdi32

advapi32

comctl32

msvcrt

kernel32

shlwapi

ntdll

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 1KB - Virtual size: 8KB

.pdata Size: 11KB - Virtual size: 10KB

.rsrc Size: 269KB - Virtual size: 269KB

.reloc Size: 1024B - Virtual size: 688B

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 1KB - Virtual size: 8KB

.pdata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 269KB - Virtual size: 269KB

.reloc
Size: 1024B - Virtual size: 688B