7da97bb86a29fd401cc4b63c085f95dd

Sharing

Copy URL Twitter E-mail

General

Target

7da97bb86a29fd401cc4b63c085f95dd
Size

332KB
MD5

7da97bb86a29fd401cc4b63c085f95dd
SHA1

c81d87201b7cab1b901ddd3ec29e371725c567dd
SHA256

818c61001eb8d89264dd4742697b2149d1b912831aa8ef7c654fc7dd58f1547b
SHA512

13f0b79e83d77f7834a6c48550cc294edcfc92619882fe036d7b034b2e0d89036eee9cd0916d619ca1b015e1de9abe6e418b4688edae8508261cdf2082d11ba2
SSDEEP

6144:q+QTzS0NRr6LyAjOLbhslqC0GRlVDsjPAvB+rUHW5GZ98aJYt6BsI:EzS0V6PmilqC0GR3kPc++WY8ttqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7da97bb86a29fd401cc4b63c085f95dd

Files

7da97bb86a29fd401cc4b63c085f95dd
.exe windows:4 windows x86 arch:x86

d9bdc988cfd3df77448cc64122104ef1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoW

advapi32

GetFileSecurityA
SetSecurityDescriptorDacl

kernel32

_lopen
VirtualAlloc
GetProfileStringA
GetLocalTime
GetProfileStringW
GetThreadLocale
LoadLibraryW
SetEnvironmentVariableA
GetDriveTypeA
VirtualProtect
WinExec
CreateFileW
WriteConsoleW
SetEvent
HeapSetInformation
SystemTimeToFileTime
GetFileSize
GetCurrentDirectoryW
EnumCalendarInfoA
FileTimeToSystemTime
EnumResourceNamesW
MoveFileExA
GlobalAddAtomA
GetDiskFreeSpaceW
UnhandledExceptionFilter
GetComputerNameW
QueueUserWorkItem
lstrcmpiA
HeapReAlloc
GetDiskFreeSpaceExW
GetModuleHandleW
GetModuleFileNameA
SetFileAttributesA
GetPrivateProfileSectionA
FindFirstFileA
Beep
CreateMutexA
IsValidLocale
EnumResourceLanguagesW
DeleteFileW
GlobalFlags
CopyFileA
CompareFileTime
GlobalAddAtomW
GetPrivateProfileStringW
GetDateFormatW
VerSetConditionMask
LoadLibraryA
CreateProcessW
GetFileInformationByHandle
GetQueuedCompletionStatus
OpenFileMappingA
GetFileAttributesExW
MulDiv
GetModuleFileNameW
GetEnvironmentStrings
RemoveDirectoryW
GetLogicalDriveStringsA
GetLocaleInfoA
WriteProfileStringA
CreateToolhelp32Snapshot
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
WritePrivateProfileStringW
UnlockFile
FreeLibrary
MoveFileExW
LocalFileTimeToFileTime
GetConsoleOutputCP
SetFilePointerEx
GetDiskFreeSpaceA
GetProcAddress
TlsFree
SetFileAttributesW
CreateSemaphoreW
LocalFree
InterlockedExchange
GetSystemPowerStatus
GetPrivateProfileStringA
IsValidCodePage
SetThreadLocale
ExpandEnvironmentStringsW
lstrlenA
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc

oleaut32

SafeArrayPutElement

user32

GetMenuStringA
SetForegroundWindow
CreateWindowExA
InsertMenuItemW
SetMessageQueue
GetAncestor
RemoveMenu
CreateIcon
CharPrevW

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

swumu
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

aauwge
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gsgcqk
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9bdc988cfd3df77448cc64122104ef1

Headers

File Characteristics

Imports

shell32

advapi32

kernel32

oleaut32

user32

Sections

.text Size: 239KB - Virtual size: 239KB

swumu Size: 31KB - Virtual size: 30KB

aauwge Size: 14KB - Virtual size: 16KB

gsgcqk Size: 46KB - Virtual size: 46KB

.text
Size: 239KB - Virtual size: 239KB

swumu
Size: 31KB - Virtual size: 30KB

aauwge
Size: 14KB - Virtual size: 16KB

gsgcqk
Size: 46KB - Virtual size: 46KB