7793700fe1ab6da3749051f26a604b04

Sharing

Copy URL

Twitter E-mail

General

Target

7793700fe1ab6da3749051f26a604b04
Size

465KB
MD5

7793700fe1ab6da3749051f26a604b04
SHA1

eb57f0df425924d001f2e7359bd72bd2215f4b65
SHA256

cff0bb2566bfba1c9057ef8c570416dd094286a71aa21554acf8e47b0e59505a
SHA512

eee65210194f356334229feea9184c47b2070d002723b8cdcb6b48ccf19844fcfc86c64f61c83842231e959a14907fe058c027ad2e2babbfbd96426ae4184e23
SSDEEP

6144:xSr5YbaMWqWUFzTdleROVSxRXXNrr9KGPuTke8wG+hmqbgFNwN6AYr3SqmZzwUW:x4mbaMWuFzTdlJSJM7YT+dU86bipZzY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7793700fe1ab6da3749051f26a604b04

Files

7793700fe1ab6da3749051f26a604b04
.exe windows:4 windows x86 arch:x86

63f8b6730a0a727e7e291de2f14eb10c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetModuleFileNameW
GetLogicalDriveStringsW
FreeEnvironmentStringsW
GetDateFormatA
GetConsoleOutputCP
HeapAlloc
SetEnvironmentVariableA
LCMapStringW
WriteFile
MultiByteToWideChar
TlsAlloc
GetEnvironmentStringsW
DeleteCriticalSection
Sleep
LCMapStringA
SetStdHandle
GetLastError
GetLocaleInfoA
WriteConsoleW
IsDebuggerPresent
FreeEnvironmentStringsA
GetLocaleInfoW
FreeLibrary
CloseHandle
GetProcessHeap
LoadLibraryW
GetFileType
GetProcAddress
WritePrivateProfileStructA
GetEnvironmentStrings
RaiseException
GetCommandLineW
FlushFileBuffers
GlobalFindAtomA
GetStartupInfoA
VirtualQuery
HeapValidate
OutputDebugStringW
InterlockedIncrement
DebugBreak
GetStringTypeA
LeaveCriticalSection
GetCurrentThread
HeapReAlloc
HeapSize
ExitProcess
MoveFileExA
TlsGetValue
VirtualAlloc
SetConsoleCtrlHandler
QueryPerformanceCounter
GetCurrentProcess
GetTimeZoneInformation
GetModuleHandleA
GetCommandLineA
GetStringTypeW
GetTimeFormatA
WriteConsoleA
IsBadReadPtr
SetHandleCount
EnumSystemLocalesA
GetConsoleCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
EnterCriticalSection
SetConsoleActiveScreenBuffer
GetTickCount
GetOEMCP
VirtualFree
GetCPInfo
IsValidCodePage
InterlockedDecrement
RtlUnwind
GetACP
GetSystemTimeAsFileTime
lstrlenA
HeapDestroy
LocalLock
GetUserDefaultLCID
GetConsoleMode
SetLastError
GetModuleHandleW
GetStdHandle
HeapFree
TerminateProcess
LoadLibraryA
SetThreadContext
OutputDebugStringA
TlsFree
CreateFileA
GetModuleFileNameA
IsValidLocale
EnumResourceLanguagesW
SetFilePointer
OpenWaitableTimerW
InterlockedExchange
GetCurrentProcessId
CompareStringA
HeapCreate
GetCurrentThreadId
GlobalFlags
InitializeCriticalSectionAndSpinCount
TlsSetValue

advapi32

LookupPrivilegeDisplayNameW
RegQueryValueExA
LookupPrivilegeValueA

comdlg32

GetFileTitleA
GetSaveFileNameW
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameA
FindTextA
ChooseFontW
ChooseColorW
ReplaceTextW
PrintDlgW
PageSetupDlgA

shell32

SHGetDataFromIDListA
ShellExecuteEx
SHEmptyRecycleBinW
SHGetPathFromIDListW
DoEnvironmentSubstA
RealShellExecuteW

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63f8b6730a0a727e7e291de2f14eb10c

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

shell32

Sections

.text Size: 300KB - Virtual size: 299KB

.data Size: 153KB - Virtual size: 153KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 300KB - Virtual size: 299KB

.data
Size: 153KB - Virtual size: 153KB

.rsrc
Size: 10KB - Virtual size: 10KB