7ad6d1524229a539f27627cd451ffbba

Sharing

Copy URL Twitter E-mail

General

Target

7ad6d1524229a539f27627cd451ffbba
Size

2.2MB
MD5

7ad6d1524229a539f27627cd451ffbba
SHA1

e61e46abe1167ff0c1414ed5dea75d6e6d40666b
SHA256

528d9eb3e0239ae3e341dd82ed9449a10ca59b504bdf3e2ceaf9c5d592ff600d
SHA512

f983cfa2ca48ee24d7e16e65c4244b9024ffc001109cbfc25af9ebb194db262a3dae90ef8a69739722ed4db316c428640bb66a4a16e3ed1b5c8df70f57b3e163
SSDEEP

24576:3hJfGL7Og0ChvFSDH6LhZ/A106MdseHspbH4BSS5d0YlFmypKp+JHQWqbXSPq2u1:+L7Og0CvU6d36Mds54ES39rW+Jw1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ad6d1524229a539f27627cd451ffbba

Files

7ad6d1524229a539f27627cd451ffbba
.exe windows:4 windows x86 arch:x86

6b269b45ee3d60437fc205a2eaae93fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTokenInformation
RegDeleteKeyA
RegEnumKeyExA
GetSidSubAuthorityCount
CreateServiceW
RegNotifyChangeKeyValue
OpenProcessToken
AccessCheck
GetLengthSid
RegSetValueExA
RegSetKeySecurity
AllocateAndInitializeSid
RegSetValueExW
RegCloseKey
AdjustTokenPrivileges
CryptDestroyHash
RegEnumKeyA
RegOpenKeyExA
SetFileSecurityA
RegQueryValueExW
RegEnumKeyExW

comdlg32

GetOpenFileNameA
ChooseColorW
GetOpenFileNameW

kernel32

GetStdHandle
DisableThreadLibraryCalls
LCMapStringW
GetModuleHandleA
GetFileTime
Sleep
HeapReAlloc
QueryPerformanceCounter
GlobalAddAtomW
LeaveCriticalSection
lstrcmpW
SetUnhandledExceptionFilter
InterlockedCompareExchange
GetSystemTimeAsFileTime
LocalAlloc
ExpandEnvironmentStringsA
GlobalUnlock
DeleteCriticalSection
ExitProcess
TlsFree
GetDiskFreeSpaceA
SetLastError
GetFileAttributesW
GetVersionExW
GetFullPathNameA
GetConsoleMode
RaiseException
GetFileType
HeapFree
GetLastError
WritePrivateProfileStringA
GetUserDefaultLCID
CloseHandle
ReleaseSemaphore
VirtualQuery
VirtualAlloc
TlsAlloc
GetCurrentProcessId
MultiByteToWideChar
IsDebuggerPresent
GetVolumeInformationA
UnhandledExceptionFilter
SizeofResource
GetProcAddress
LockResource
IsBadCodePtr
SetFilePointer
GetModuleFileNameA
LoadLibraryW
InterlockedExchange
GetACP
ReadFile
ReadConsoleInputA
SetConsoleCtrlHandler
TlsGetValue
CreateEventA
TerminateProcess
GetCurrentThreadId
LoadLibraryA

oleaut32

SafeArrayPutElement
SafeArrayCreate

user32

ModifyMenuW
GetDlgCtrlID
DrawFrameControl
LoadStringW
DrawIcon
SetForegroundWindow
GetMenuItemID
LoadCursorW
BringWindowToTop
GetWindowThreadProcessId
GetSysColor
GetFocus
SetRect
GetClientRect
SendDlgItemMessageW
SendMessageW
GetWindowLongA
EqualRect
LoadMenuA
MapWindowPoints
PostMessageW
PeekMessageA
ScreenToClient
FindWindowExW
DefWindowProcW
SetWindowLongW
CharLowerA
RegisterDeviceNotificationW
AttachThreadInput
PtInRect
TrackPopupMenu
TranslateMessage
GetSystemMetrics
WaitMessage
PostThreadMessageW
GetSubMenu
DestroyCursor
GetWindowLongW
MessageBoxW
GetWindowDC
LoadCursorA
SetCapture
IsMenu
ShowWindow
SetWindowTextW
DispatchMessageW
MessageBeep
RedrawWindow
FillRect
GetDC
CreateDialogParamA
IsIconic
GetDlgItem
MoveWindow
GetMenu
HideCaret
GetWindow
CreateWindowExW
GetWindowRect
CharNextA
DestroyWindow
DialogBoxParamW
GetActiveWindow
CharUpperW
DeleteMenu
GetDesktopWindow
CheckDlgButton
InvalidateRect
EndPaint
EnableWindow
SetCursor
GetMenuState
AppendMenuW
PostQuitMessage
GetScrollRange
EnableMenuItem
ClientToScreen
GetCapture

ole32

StringFromGUID2
CoUnmarshalInterface
CoSetProxyBlanket
CoFileTimeNow
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoCreateGuid

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b269b45ee3d60437fc205a2eaae93fc

Headers

File Characteristics

Imports

advapi32

comdlg32

kernel32

oleaut32

user32

ole32

Sections

.text Size: 200KB - Virtual size: 198KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 88KB - Virtual size: 86KB

.text
Size: 200KB - Virtual size: 198KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 88KB - Virtual size: 86KB