7b168ad464c591fcb2f69794ca53d8cf

Sharing

Copy URL Twitter E-mail

General

Target

7b168ad464c591fcb2f69794ca53d8cf
Size

511KB
MD5

7b168ad464c591fcb2f69794ca53d8cf
SHA1

e67616690e073e564a64717ed24acd422546891a
SHA256

8aee5cd139b2d15d8090395cca9bbfd0a7ca7ac700540c2a345187260ba22fb8
SHA512

4aa7a0ce74d08743a28546b26e5343d421984dd222887dab33a83017734c108673aa6613ca73fd81bff31d682e3aecee7ee852ea1294a275f4a07b8a794b37f5
SSDEEP

12288:AV4h+WbLFEIM4vVzstZB8EvIHLpt9kU9E4h8oYKJYc+:AVA5LKIxvq8ciLXhqEYK+c+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b168ad464c591fcb2f69794ca53d8cf

Files

7b168ad464c591fcb2f69794ca53d8cf
.exe windows:4 windows x86 arch:x86

9df7d3d838faf433952a483220647fa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapSize
CloseHandle
GetUserDefaultLCID
UnhandledExceptionFilter
GetLocaleInfoA
IsValidLocale
HeapLock
GetCPInfo
GetTimeZoneInformation
GetConsoleMode
SetConsoleCtrlHandler
LCMapStringW
TlsSetValue
GetDateFormatA
DeleteCriticalSection
SetHandleCount
EnterCriticalSection
GetConsoleCP
GetProcAddress
GetCurrentProcessId
ReadFile
GetFileType
GetModuleFileNameW
EnumSystemLocalesA
TerminateProcess
TlsAlloc
FreeLibrary
HeapFree
CompareStringA
WideCharToMultiByte
GlobalReAlloc
RtlUnwind
SetStdHandle
TlsGetValue
LeaveCriticalSection
LCMapStringA
HeapDestroy
InterlockedDecrement
GetLocaleInfoW
GetACP
ExitProcess
FreeEnvironmentStringsA
SetLastError
GetSystemTimeAsFileTime
HeapCreate
GetProcessHeap
GetCurrentThreadId
VirtualQuery
GetStartupInfoW
IsValidCodePage
CreateFileA
GetStdHandle
QueryPerformanceCounter
MultiByteToWideChar
HeapAlloc
InterlockedIncrement
WriteProfileStringA
GetTimeFormatA
SetFilePointer
InterlockedExchange
GetStartupInfoA
LoadLibraryExW
LoadLibraryA
CreateMutexA
SetEnvironmentVariableA
GetStringTypeW
SetUnhandledExceptionFilter
CompareStringW
GetCommandLineW
lstrcmpi
VirtualFree
GetEnvironmentStrings
GetOEMCP
GetEnvironmentStringsW
WriteConsoleA
OpenMutexA
WriteFile
GetFileTime
GetShortPathNameW
FlushFileBuffers
WriteConsoleW
GetLastError
CreateDirectoryExW
GetModuleFileNameA
GetConsoleOutputCP
GetVersionExA
GetCommandLineA
HeapReAlloc
GetStringTypeA
MoveFileW
IsDebuggerPresent
InitializeCriticalSection
FreeEnvironmentStringsW
GetCurrentThread
GetTickCount
GetModuleHandleA
GetCurrentProcess
SetConsoleTextAttribute
Sleep
TlsFree

comdlg32

LoadAlterBitmap
ChooseColorA
GetFileTitleW
GetOpenFileNameW

gdi32

StretchDIBits
RectInRegion
EnumFontFamiliesExA
StartDocW
SetWinMetaFileBits
SetStretchBltMode
DrawEscape
GetStretchBltMode
EnumFontsA
ArcTo
GetRgnBox
GetICMProfileW
ModifyWorldTransform
GetCharacterPlacementA
OffsetViewportOrgEx
GetTextFaceA
BitBlt
GetWindowOrgEx
GetDCOrgEx

user32

RegisterClassA
DdeQueryStringA
RegisterClassExA
WindowFromDC

advapi32

CryptSignHashA
CreateServiceA
LookupPrivilegeDisplayNameA
RegEnumValueA
CryptDestroyHash
CryptDuplicateKey
RegRestoreKeyW
ReportEventA
CryptReleaseContext
RegEnumKeyExW
CryptExportKey
DuplicateToken
RegSetValueExA
RegSetValueW
CryptSetKeyParam
RegQueryValueExW
ReportEventW
RegDeleteKeyA
RegQueryMultipleValuesW
RegOpenKeyExA

comctl32

InitCommonControlsEx

wininet

CreateUrlCacheEntryA
FindNextUrlCacheContainerA
FtpSetCurrentDirectoryW
FtpOpenFileW
InternetCloseHandle
ShowCertificate
DetectAutoProxyUrl
SetUrlCacheEntryInfoW
CreateUrlCacheGroup

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9df7d3d838faf433952a483220647fa4

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

user32

advapi32

comctl32

wininet

Sections

.text Size: 361KB - Virtual size: 360KB

.rdata Size: 28KB - Virtual size: 48KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 361KB - Virtual size: 360KB

.rdata
Size: 28KB - Virtual size: 48KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 13KB - Virtual size: 12KB