f7009551bab79d74f1f48bd42d2afa367089f6b7ffad3e3210ad59649a793e58

Sharing

Copy URL Twitter E-mail

General

Target

f7009551bab79d74f1f48bd42d2afa367089f6b7ffad3e3210ad59649a793e58
Size

2.0MB
MD5

7dd9c6a0dedea3d1b060b9237fa3e046
SHA1

89080ae3f3ac66e703081e53a6a91fe0657bd227
SHA256

f7009551bab79d74f1f48bd42d2afa367089f6b7ffad3e3210ad59649a793e58
SHA512

1864ead547ec2c5df429d43aaa4ed4b32cac1fdeca70208d759708320edd66a68ebb4c84e659bcc25c717fcc6cd21d676ac8444349a399a8e71b0115b1ce8393
SSDEEP

49152:CKwLlH5+yshkTpppppYVX0+yshgTpppppQ5Xn:CKwLH+yshkTpppppY50+yshgTpppppQd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7009551bab79d74f1f48bd42d2afa367089f6b7ffad3e3210ad59649a793e58

Files

f7009551bab79d74f1f48bd42d2afa367089f6b7ffad3e3210ad59649a793e58
.exe windows:5 windows x86

7d0e659808ac24d116a5dc3c379086f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrcmpiW
CreateMutexW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
CopyFileW
MultiByteToWideChar
GetVersion
GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
CreateProcessW
FindClose
GetLocalTime
GetTempPathW
RemoveDirectoryW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
WideCharToMultiByte
LoadLibraryW
GetSystemDirectoryW
WriteConsoleW
SetFilePointerEx
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
InterlockedDecrement
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
InterlockedIncrement
CreateFileW
WriteFile
GlobalFree
GlobalAlloc
FreeResource
DecodePointer
GetVersionExW
GetTickCount
Sleep
DeleteCriticalSection
LockResource
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
FreeLibrary
GetCurrentThreadId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FindResourceExW
FindResourceW
CloseHandle
SizeofResource
LoadResource
RaiseException
TerminateProcess
OpenProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
IsValidLocale

user32

LoadCursorW
DrawEdge
SendMessageW
PostMessageW
DefWindowProcW
PostQuitMessage
SetWindowLongW
GetClientRect
InvalidateRect
BeginPaint
CreateWindowExW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
EndPaint
CallWindowProcW
GetWindowRgn
MoveWindow
MessageBoxW
CharNextW
CreateDialogParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
IsDialogMessageW
LoadImageW
GetWindow
GetParent
GetWindowLongW
PtInRect
OffsetRect
InflateRect
CopyRect
FillRect
DrawFocusRect
GetSysColor
ChildWindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
GetDC
UpdateWindow
DrawTextW
GetMenu
GetSystemMetrics
IsWindowEnabled
EnableWindow
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
GetDlgCtrlID
GetDlgItem
SetWindowPos
ShowWindow
DestroyWindow
IsWindow

gdi32

PtInRegion
CreateRectRgn
CreateFontW
GetObjectW
CreateDIBSection
SelectObject
GetStockObject
GetCurrentObject
DeleteObject
CreateSolidBrush
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetBkMode
DeleteDC
SetTextColor

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
GetUserNameW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

CoTaskMemAlloc
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemFree
CoInitializeSecurity
CoInitializeEx
CoTaskMemRealloc

oleaut32

VariantChangeType
SetErrorInfo
VarUI4FromStr
SysAllocString
VariantInit
VariantClear
SysFreeString
GetErrorInfo
CreateErrorInfo

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream

shlwapi

SHDeleteKeyW
PathRemoveFileSpecW
PathRemoveExtensionW
SHGetValueW
PathAppendW
PathFileExistsW
StrStrIW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_Draw

msimg32

AlphaBlend

psapi

EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d0e659808ac24d116a5dc3c379086f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

msimg32

psapi

Sections

.text Size: 326KB - Virtual size: 325KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 326KB - Virtual size: 325KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 15KB - Virtual size: 15KB