7baba80c391b529734341edf25845873

Sharing

Copy URL Twitter E-mail

General

Target

7baba80c391b529734341edf25845873
Size

144KB
MD5

7baba80c391b529734341edf25845873
SHA1

7ae2af19b2aae46febd8ddd05b4d8fd03a66841b
SHA256

77aaff2ab4ecfe86988e9743bfb7a1001b44c61f3de6dd995a07ac50a07b563e
SHA512

0d2ff6f077b44e8754a29cbc6865379fdaa114cd6bec8a88c69cc222aff75042039215e7b311e5dd4f000507acffc9220532b6134c4705f595e28d10d68f534f
SSDEEP

3072:jWX3bRBV3vuJPQaCZ6PDUHlzDwdWa4ZJHDR3OdLE:jM3bRBV3LsA5wdXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7baba80c391b529734341edf25845873

Files

7baba80c391b529734341edf25845873
.exe windows:4 windows x86 arch:x86

d02817d02e39e23af82f8bb04f557d47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ord582
ord1346
ord363
ord662
ord1349
ord456
ord1345
ord780
ord830
ord352
ord1215
ord1344
ord1278
ord924
ord1280
ord1223
ord1207
ord241
ord284
ord1045
ord85
ord500
ord961
ord842
ord390
ord388
ord392
ord1065
ord1064
ord133
ord184
ord515
ord212
ord742
ord455
ord1181
ord1342
ord1343
ord1347
ord722
ord718
ord721
ord720
ord357
ord578
ord827
ord1117
ord838
ord871
ord532
ord694
ord705
ord1358
ord1364
ord712
ord83
ord1324
ord1276
ord1063
ord906
ord569
ord391
ord847
ord167
ord815
ord813
ord619
ord616
ord872
ord725
ord701
ord1264
ord568
ord373
ord754
ord750
ord1267
ord677
ord478
ord1229
ord1142
ord393
ord1227
ord1230
ord614
ord1138
ord477
ord475
ord1304
ord356
ord355
ord1242
ord451
ord1222
ord676
ord612
ord534
ord1050
ord1270
ord1355

user32

ord1657
ord1664
ord1661
ord1572
ord2052
ord1675
ord2039
ord2331
ord1921
ord2248
ord1984
ord2144
ord1618
ord1785
ord2078
ord1727
ord1907
ord1798
ord2126
ord2139
ord1806
ord2168
ord1680
ord2223
ord2171
ord2018
ord1805
ord2227
ord1804
ord1725
ord1574
ord2220
ord1809
ord1531
ord2013
ord2100
ord1888
ord1997
ord2004
ord2231
ord1914
ord1891
ord1852
ord1846
ord2281
ord2260
ord2325
ord2134
ord1865
ord2272
ord1887
ord2034
ord2298
ord1854
ord2274
ord1723
ord2333
ord1985
ord2075
ord2277
ord1683
ord1530
ord1851
ord1847
ord1659
ord2321
ord2080
ord1993
ord1604
ord1607
ord1677
ord2167
ord1782
ord2309
ord1704

gdi32

ord1471
ord1561
ord1096
ord1661
ord1643
ord1073
ord1553
ord1578
ord1582
ord1087
ord1323
ord1651
ord1072
ord1242

comdlg32

ord113

comctl32

ord6
ord17
ord22
ord5

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

ord151

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

encmpc

ord2
ord5
ord1
ord3
ord4

pichelp

ord2
ord3
ord1

sendapi

ord2
ord4
ord3

mpcplay

ord2
ord1

recvapi

ord2
ord4
ord6
ord5
ord3

facehelp

ord30
ord1
ord25
ord12
ord13
ord11
ord33
ord32
ord29
ord7
ord8
ord9
ord6
ord34
ord35
ord20
ord21
ord22
ord37

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d02817d02e39e23af82f8bb04f557d47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

version

winmm

avicap32

encmpc

pichelp

sendapi

mpcplay

recvapi

facehelp

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 32KB - Virtual size: 256KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 256KB

.rsrc
Size: 20KB - Virtual size: 16KB