Static task: static1
Behavioral task: behavioral1 - Sample: 7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00.exe - Resource: win7-20231025-en
Behavioral task: behavioral2 - Sample: 7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00.exe - Resource: win10v2004-20231020-en
General
- Target: 7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00
- Size: 3.8MB
- MD5: 069e092fd0eba1888a71d08223039ff2
- SHA1: 951adc3fc08b3012fd43739a8fc042f1f8e97ca2
- SHA256: 7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00
- SHA512: e0b5e6cebcae283f2af9d7c93a2f30cd18505156fed6ae02f470a56d9745eed945c5489de3847ce6ec6c4b9fe84f2e9cad8596ca597396d20f487bbdc1ae5c16
- SSDEEP: 49152:y3knbYapsl0VRMWxEP0XprnoFNQ/lnq6aYNLbFsIuciOAQ0i1kTM8qxBwWXmZvt1:y3oEKsgvXprnaCLgOAjMRxBLWd+5
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature. resource: 7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00
Files
-
7cb4877a66f0388b9a3ce0563f72bfe74b39d4dc80634db428cee86d15c41d00.exe windows:5 windows x86 arch:x86
f4e724375c378f34d33b0dc65d0153ba
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetStringTypeW
LCMapStringW
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileType
SetStdHandle
ExitThread
CreateThread
RaiseException
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
VirtualQuery
GetSystemInfo
VirtualAlloc
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
InitializeCriticalSectionAndSpinCount
SearchPathA
GetFileAttributesExA
GetFileSizeEx
GetTempPathA
GetOEMCP
GetCPInfo
GetACP
GetProfileIntA
VirtualProtect
lstrcmpiA
GetVolumeInformationA
FindFirstFileA
OutputDebugStringW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetHandleInformation
FileTimeToSystemTime
GetAtomNameA
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
SetErrorMode
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
EnterCriticalSection
LeaveCriticalSection
GlobalReAlloc
GetFileSize
GetUserDefaultLCID
GetFullPathNameA
GetTempFileNameA
GetFileTime
LoadLibraryW
GetVersionExA
lstrcmpW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcpyA
GetTickCount
MulDiv
lstrlenW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
ResumeThread
SetThreadPriority
SetEvent
WaitForSingleObject
FreeResource
GlobalFree
GlobalAddAtomA
GetCurrentProcessId
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
InterlockedExchange
GlobalLock
GlobalAlloc
GetModuleHandleW
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetCurrentThreadId
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
WriteConsoleW
OutputDebugStringA
FindClose
GetStdHandle
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
InterlockedIncrement
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
LockResource
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
SizeofResource
Sleep
WideCharToMultiByte
OpenProcess
WriteFile
GetCurrentThread
Process32First
InterlockedDecrement
LoadResource
FindResourceW
lstrlenA
FindResourceA
CreateFileA
GetThreadContext
ExitProcess
user32
GetClipboardFormatNameA
GetKeyNameTextA
MapVirtualKeyA
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
EnumChildWindows
SetClassLongA
PtInRect
IsRectEmpty
CopyIcon
SetCursorPos
IsClipboardFormatAvailable
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
GetDoubleClickTime
UnregisterClassA
IsCharLowerA
MapVirtualKeyExA
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
ReuseDDElParam
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
DestroyCursor
WaitMessage
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
MonitorFromWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
RegisterWindowMessageA
OffsetRect
MessageBeep
LoadMenuW
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
RegisterClipboardFormatA
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
EmptyClipboard
SetRectEmpty
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
OpenClipboard
WindowFromPoint
SetParent
IsChild
GetTopWindow
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetSysColorBrush
FillRect
MonitorFromPoint
GetMonitorInfoA
SystemParametersInfoA
GetSystemMetrics
GetSysColor
GetKeyState
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
TabbedTextOutA
PostMessageA
MapDialogRect
SetWindowPos
GetWindow
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
wsprintfA
CloseClipboard
SetClipboardData
CopyAcceleratorTableA
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
SendMessageA
SetCursor
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
PostQuitMessage
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
GetMenuItemID
CharUpperBuffA
LoadImageW
DrawIconEx
DestroyAcceleratorTable
CopyImage
GetIconInfo
UpdateLayeredWindow
CharUpperA
GetAsyncKeyState
LoadImageA
DestroyIcon
InsertMenuA
UnpackDDElParam
GetWindowTextLengthA
advapi32
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
SetThreadToken
RevertToSelf
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
shell32
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
ole32
OleFlushClipboard
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
DoDragDrop
OleLockRunning
OleIsCurrentClipboard
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleUninitialize
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoCreateGuid
OleDuplicateData
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
oleaut32
SysStringLen
VarBstrFromDate
VariantChangeType
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecW
gdiplus
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipFree
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipCreateBitmapFromStream
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
DeleteObject
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetStockObject
ExtTextOutA
CopyMetaFileA
CreateDCA
GetDeviceCaps
GetObjectType
CreatePen
CreateSolidBrush
GetObjectA
Ellipse
Polyline
RectVisible
PtVisible
CreateHatchBrush
CreatePatternBrush
CreateFontIndirectA
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
GetRgnBox
GetViewportExtEx
GetViewportOrgEx
GetTextColor
PtInRegion
CreateCompatibleDC
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
TextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
FrameRgn
Escape
GetBoundsRect
SetPixelV
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetLayout
SetLayout
ExtSelectClipRgn
CreateDIBSection
GetDIBits
SetDIBColorTable
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBitmap
EnumFontFamiliesExA
GetSystemPaletteEntries
FillRgn
GetBkColor
RealizePalette
SelectObject
ExtFloodFill
CreateBitmap
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
GetFileTitleA
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 994KB - Virtual size: 994KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 237KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ