7af393d629bfce312e8e79ac3b70864d

General

Target

7af393d629bfce312e8e79ac3b70864d
Size

339KB
MD5

7af393d629bfce312e8e79ac3b70864d
SHA1

24614e51a28b82505729da7a2b96091932cdf103
SHA256

53e48ceb37a8c4302150c0f680dcfdd81443ce55169b494622eb513e04691a2b
SHA512

ad544085d29ad1b4476adb594c9e38d6d9dfe8a9bbd17d3729a8cf0bdc3902acee1c973c84242ecb3bf6a50a0538df4122af4588fd4bc713882ea920167fdcc6
SSDEEP

6144:nEDS5yW21z0Gg8hYyxlZDhCuPnyniKzy4EXVXNeMDGG6JSlIV30ob:nEW5fqLgfyLvynU4mjHlA3Bb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7af393d629bfce312e8e79ac3b70864d

Files

7af393d629bfce312e8e79ac3b70864d
.exe windows:4 windows x86 arch:x86

fddc01a2857d6079ae415059d077ec14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNA

kernel32

TerminateProcess
HeapAlloc
CreateDirectoryW
FindNextFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetOverlappedResult
PeekNamedPipe
FindNextChangeNotification
ResetEvent
FindFirstChangeNotificationW
LCMapStringW
LocalAlloc
LocalFree
lstrlenA
GetSystemDirectoryA
lstrcatA
FindCloseChangeNotification
GetVersionExA
GetAtomNameW
LoadLibraryA
CreateEventA

user32

GetKeyState
CreatePopupMenu
GetMessageA
DestroyMenu
RegisterClassW
DispatchMessageA
GetSystemMetrics
PostMessageA
PostQuitMessage
TranslateMessage
GetCursorPos
InsertMenuW
TrackPopupMenu

gdi32

DeleteDC
RestoreDC
DeleteObject
GetTextFaceA
SelectObject
CreateFontA
GetDeviceCaps
SetMapMode
SaveDC
CreateFontIndirectW
GetFontData
GetTextExtentPoint32W
SetTextAlign
GetTextMetricsA
GetObjectA
ExtTextOutW
SetBkMode
SetTextColor
GetTextFaceW
GetOutlineTextMetricsA
CreateDCA
CreateSolidBrush
TranslateCharsetInfo
CreateFontIndirectA

msimg32

TransparentBlt

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fddc01a2857d6079ae415059d077ec14

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

msimg32

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 144KB - Virtual size: 546KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 144KB - Virtual size: 546KB

.rsrc
Size: 5KB - Virtual size: 8KB