7a51046e532f811f46b8ed7e5b15bf85

Sharing

Copy URL Twitter E-mail

General

Target

7a51046e532f811f46b8ed7e5b15bf85
Size

87KB
MD5

7a51046e532f811f46b8ed7e5b15bf85
SHA1

eec464eb8833a39a76886c8a50db9d31e9d21ca3
SHA256

612ac773b69fabddcfc8c0c4796e512ae14a408f05a70bada9d1ac0bcb7c006f
SHA512

dae8e32f4d3060ab4e0a6bcd920ded8e32cd157cf28c6d90da441b2ccb0a89b0336280940cf561f49acfd6855cf913ac29d7d1819fcd0c066fa882b6c9cb4006
SSDEEP

1536:2YB1zfTFo2TclXARjv2+SSrSfDjwdlKNjK7u0SqfJUvw2DFYICraYHL1R10o0u4e:2YbK2QlAv2+SSrSfDUdlKN7qfJcnD2Fr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a51046e532f811f46b8ed7e5b15bf85

Files

7a51046e532f811f46b8ed7e5b15bf85
.exe windows:5 windows x86 arch:x86

466c8ae2934d5e19efcb0a30e38daeef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenAppendInfFileW
SetupOpenInfFileW
InstallHinfSectionA
SetupDiCreateDevRegKeyA
SetupDiCreateDeviceInterfaceRegKeyA
SetupGetSourceFileSizeA
CM_Get_Hardware_Profile_Info_ExW
SetupGetFieldCount
CM_Unregister_Device_InterfaceW
SetupEnumInfSectionsA
CM_Get_Class_Key_NameA
SetupGetFileCompressionInfoW
SetupDiGetSelectedDriverW
CM_Register_Device_Interface_ExA
SetupDiCreateDeviceInfoListExA
SetupQuerySourceListW
SetupInstallFilesFromInfSectionA
SetupDiSetClassInstallParamsW

query

??1CDbContentBaseRestriction@@QAE@XZ
?AddDir@CCatState@@QAEXAAV?$XPtrST@G@@@Z
?QueryInterface@CEmptyPropertyList@@UAGJABU_GUID@@PAPAX@Z
?Stop@CCatalogAdmin@@QAEHXZ
?SkipFloat@CMemDeSerStream@@UAEXXZ
?CiGetPassword@@YGHPBG0PAG@Z
CITextToFullTreeEx
??0CSvcQuery@@QAE@PBGPAUIDBProperties@@@Z
??8CDbColId@@QBEHABV0@@Z
??1CSort@@QAE@XZ
?Value@CDbScalarValue@@QAEXAAVCStorageVariant@@@Z
?AddArg@CFwEventItem@@QAEXK@Z
??1?$XPtr@VCDbProjectListElement@@@@QAE@XZ
?Init@CSdidLookupTable@@QAEHPAVCiStorage@@@Z
?GetDiskSpace@CDriveInfo@@QAEXAA_J0@Z
??1CPropertyStore@@QAE@XZ

advapi32

GetUserNameA
SystemFunction012
BuildImpersonateExplicitAccessWithNameW
SetInformationCodeAuthzLevelW
RegisterIdleTask
GetSecurityDescriptorRMControl
GetNamedSecurityInfoExA
CryptSetProviderW
IdentifyCodeAuthzLevelW
SetAclInformation
AbortSystemShutdownA
OpenProcessToken
WmiFileHandleToInstanceNameW
CredReadDomainCredentialsA
LsaEnumerateAccounts

sqlunirl

_GetPrivateProfileInt_@16
_LookupPrivilegeName_@16
_ChangeServiceConfig_@44
_AppendMenu_@16
_CharPrev_@8
_CreateDialogIndirectParam@20
_ExtractIconEx_@20
_NDdeGetErrorString_@12
_RegUnLoadKey_@8
_GetOutlineTextMetrics_@12
_RegSetValueEx_@24
_CreateNamedPipe_@32
_LoadBitmap@8
_RegQueryMultipleValues_@20

kernel32

RtlZeroMemory
MapUserPhysicalPagesScatter
QueryPerformanceCounter
EnumSystemLocalesA
GetCurrentThreadId
VirtualAlloc
GetPrivateProfileStringA
GetSystemTimeAsFileTime
SetFileTime
GetModuleHandleW
GetFileSizeEx
CreateEventA
GetExpandedNameA
WriteConsoleInputVDMA
GetProcAddress
CopyFileExW
GetProcessHeaps
LoadLibraryA
CommConfigDialogW
SetConsoleInputExeNameW
SetThreadPriorityBoost
lstrcpyA
OpenJobObjectW
SetFilePointer

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

466c8ae2934d5e19efcb0a30e38daeef

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

query

advapi32

sqlunirl

kernel32

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 21KB - Virtual size: 67KB

.rsrc Size: 21KB - Virtual size: 24KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 21KB - Virtual size: 67KB

.rsrc
Size: 21KB - Virtual size: 24KB

.reloc
Size: 512B - Virtual size: 312B