7214965ad1757003a367b5b78e193f9c

Sharing

Copy URL

Twitter E-mail

General

Target

7214965ad1757003a367b5b78e193f9c
Size

453KB
MD5

7214965ad1757003a367b5b78e193f9c
SHA1

20d4f5aba58796a24586e42fc88fca7f29ba2851
SHA256

75fbe944609ea9653080a5c3a4264fb08e927b2da599c039fd499f9608dccd1b
SHA512

ca7f64d090b681e04906a56796efc183af9633f6d8c28454e476a648498041375f349e3ce6226f7c51f0f18dc410dd0ddb3fafff5b09c369356e801f8e270a04
SSDEEP

12288:m4BVmlZ9JE1WePAGtQ5bBX8mUIfw5nIwqtFzi8:mT9LePJ6BtNKIntFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7214965ad1757003a367b5b78e193f9c

Files

7214965ad1757003a367b5b78e193f9c
.exe windows:4 windows x86 arch:x86

0226b0435f33d57737c96a928f5a16ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DlgDirSelectComboBoxExA
ScrollWindow
SetForegroundWindow
DefWindowProcA
GetWindowTextW
CopyImage
AttachThreadInput
SetUserObjectSecurity
GetUserObjectInformationW
DlgDirListW
RemovePropA
GetClipboardData
DeleteMenu
GetWindowModuleFileNameA
DrawEdge
ValidateRgn
RegisterClassExA
GetDlgItem
FreeDDElParam

shell32

SHGetSpecialFolderPathA
ShellExecuteEx
DragQueryFileW
SHEmptyRecycleBinW
SheChangeDirA
FindExecutableA
SHInvokePrinterCommandW
SHFormatDrive
ExtractIconEx
ExtractAssociatedIconExW
SHFreeNameMappings
RealShellExecuteA
ExtractIconExW
SHGetDiskFreeSpaceA
SHGetFileInfo
SHUpdateRecycleBinIcon
SHFileOperationA

wininet

IsUrlCacheEntryExpiredW
FtpRemoveDirectoryW
InternetCrackUrlW
ShowClientAuthCerts
FtpFindFirstFileW
CreateUrlCacheContainerW
InternetAlgIdToStringW
InternetSetOptionW
FtpCommandW
CreateUrlCacheEntryA
InternetWriteFileExW

advapi32

CryptAcquireContextA
CryptHashData
RegSetValueExA
RegOpenKeyExW
CryptGetDefaultProviderW
CryptDestroyKey
CryptDeriveKey
RegFlushKey
LookupAccountSidW
GetUserNameW

kernel32

GetStdHandle
LCMapStringA
CompareStringA
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualProtect
GetOEMCP
UnhandledExceptionFilter
ExitProcess
GetFileType
GetSystemInfo
WideCharToMultiByte
GetLocaleInfoW
GetProcAddress
GetCurrentThread
TlsGetValue
LoadLibraryA
VirtualQuery
HeapDestroy
LeaveCriticalSection
RtlUnwind
IsValidLocale
HeapReAlloc
VirtualAlloc
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
HeapSize
GetCurrentThreadId
GetStringTypeW
CompareStringW
GetStartupInfoW
GetUserDefaultLCID
DeleteCriticalSection
GetVersionExA
GetCPInfo
InitializeCriticalSection
EnumSystemLocalesA
LCMapStringW
GetStartupInfoA
GetLastError
TlsAlloc
WriteFile
GetTimeFormatA
GetCurrentProcessId
InterlockedExchange
GetTickCount
GetModuleFileNameW
GetDateFormatA
HeapCreate
FreeEnvironmentStringsW
EnterCriticalSection
IsBadWritePtr
HeapAlloc
GetCommandLineW
MultiByteToWideChar
IsValidCodePage
TlsFree
GetModuleHandleA
SetEnvironmentVariableA
GetConsoleScreenBufferInfo
GetCommandLineA
HeapFree
GetTimeZoneInformation
GetCurrentProcess
GetACP
QueryPerformanceCounter
SetLastError
FreeEnvironmentStringsA
GetVolumeInformationA
GetLocaleInfoA
TlsSetValue
TerminateProcess
VirtualFree
GetEnvironmentStrings

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0226b0435f33d57737c96a928f5a16ec

Headers

File Characteristics

Imports

user32

shell32

wininet

advapi32

kernel32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 309KB - Virtual size: 308KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 309KB - Virtual size: 308KB

.rsrc
Size: 7KB - Virtual size: 6KB