c7939427cc70a9afaffc9c409993fa8a

Sharing

Copy URL Twitter E-mail

General

Target

c7939427cc70a9afaffc9c409993fa8a
Size

195KB
MD5

c7939427cc70a9afaffc9c409993fa8a
SHA1

fa6af71c6846c6deb380e3a1a6251644b8d9aff1
SHA256

5f44120d86db22107653b15a11811e4a00a9d6052955120693270e17cd48c84d
SHA512

1f8dd2edef1221cb732c224ac32e3a77a6cfef4d4f5e77798261a519c1bc33e7d211258c02d5d906171c74aec269ad182ae0b901e9513ed2194735cfdd93c86a
SSDEEP

3072:TFq6hqt+fLNsmAcpu3XJ5GYhhe0Qdq3UUeTcYGBuy6KffaZQxqcA8TcYGBuy6Kf:TFqWqMfLbAcSXSbW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7939427cc70a9afaffc9c409993fa8a

Files

c7939427cc70a9afaffc9c409993fa8a
.exe windows:5 windows x86 arch:x86

15c95e11c5aaf40309961bcba45cae81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileW
FindFirstFileW
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
GetLastError
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetSystemTimeAsFileTime
GetModuleFileNameW
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
Sleep
HeapCreate
GetModuleFileNameA
GetStdHandle
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetLastError
TlsFree
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedIncrement
lstrlenW
InterlockedDecrement
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
HeapSize
HeapReAlloc
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
GetCurrentProcessId
RaiseException
HeapFree
GetProcessHeap
HeapAlloc

user32

UnregisterClassA
DestroyWindow
DefWindowProcW
CharNextW
LoadStringW
wvsprintfW

advapi32

RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemRealloc
OleRun

oleaut32

SysAllocString
VarUI4FromStr
VariantClear
SysStringByteLen
SysAllocStringByteLen
GetErrorInfo
SysFreeString

shlwapi

PathCombineW

comctl32

InitCommonControlsEx

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 671KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 320.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15c95e11c5aaf40309961bcba45cae81

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 68KB - Virtual size: 671KB

.rsrc Size: 21KB - Virtual size: 320.0MB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 68KB - Virtual size: 671KB

.rsrc
Size: 21KB - Virtual size: 320.0MB