7879ad3950e67358046c8bde43142c62

General

Target

7879ad3950e67358046c8bde43142c62
Size

216KB
MD5

7879ad3950e67358046c8bde43142c62
SHA1

1cf2914d4042edfd0372e10f55223d6ecc858253
SHA256

863b8c5450d4c3d7187b649fcdfff6c4d3dc25e9ac9cb1650a230e2f0a133de6
SHA512

d4c717b334aaa27b7c823d3813d91ba783b553d840d19cacde410ef7b91bb1a36882f0af40df05a47860db45d5b5ef98e64b571e08372e0b6acbf13040ba62d4
SSDEEP

6144:4qWXMdzZ+axJ/gxzuA+FDRBe9mDA04iBRm0pYdjNEsw/qTHunQh:fdzZ3xJIxzuPlRhDHFsXdkyrMc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7879ad3950e67358046c8bde43142c62

Files

7879ad3950e67358046c8bde43142c62
.exe windows:4 windows x86 arch:x86

0d7130afea0567c4538563c870a3146e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PolyBezier
CreateColorSpaceW
AngleArc
GetLogColorSpaceA
CreateMetaFileA
GetEnhMetaFileDescriptionA
RemoveFontResourceA
GetPath
SetPixelV
GetCharWidth32A
SelectObject
DPtoLP

shell32

SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetDesktopFolder
DoEnvironmentSubstA

comdlg32

ChooseFontW
PrintDlgA
FindTextA
ChooseColorA
FindTextW
PageSetupDlgA
GetSaveFileNameW

advapi32

CryptGetKeyParam
CryptSetProviderA
RegQueryValueA
StartServiceA

kernel32

InitializeCriticalSection
CompareStringA
WriteFile
VirtualQuery
QueryPerformanceCounter
WriteConsoleOutputW
GetStartupInfoW
TlsSetValue
EnterCriticalSection
GetModuleHandleA
GetTickCount
GetLastError
VirtualFree
GetLongPathNameW
TlsAlloc
GetProcAddress
SetHandleCount
GetStartupInfoA
EnumSystemLocalesW
FreeEnvironmentStringsA
GetEnvironmentStringsW
LoadLibraryA
IsBadWritePtr
UnhandledExceptionFilter
TlsGetValue
GetCurrentThreadId
DeleteCriticalSection
GetEnvironmentStrings
GetCurrentProcessId
GetTempPathA
GetSystemTimeAsFileTime
GetVersion
GetModuleFileNameW
GetCurrentProcess
SetLastError
VirtualFreeEx
RtlUnwind
GetFileType
TerminateProcess
HeapAlloc
GetCurrentThread
HeapCreate
VirtualAlloc
GetCommandLineA
HeapDestroy
ResumeThread
ExitProcess
HeapFree
LeaveCriticalSection
GetCommandLineW
MultiByteToWideChar
GetStdHandle
InterlockedExchange
TlsFree
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsW

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d7130afea0567c4538563c870a3146e

Headers

File Characteristics

Imports

gdi32

shell32

comdlg32

advapi32

kernel32

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 11KB - Virtual size: 10KB