7b42252687dc97757f9036eb0656f014

General

Target

7b42252687dc97757f9036eb0656f014
Size

394KB
MD5

7b42252687dc97757f9036eb0656f014
SHA1

30b5a618fa4576e093f0de2bda1b0f3b3c305e69
SHA256

7df401623cfd0458c3b6b16f1f674a9b4a4c8b787807684c8245a1460833b5ad
SHA512

074f775648864a56fd6a5bd4a048528ef2eafb22fe67ef4795d9b1502a6211d14e3d1439d17d5e7957c2d8a506808eff70ac34e8500ca917d1e9653f0e132202
SSDEEP

12288:1aJ/iiM2x8hEZDrXFINTr69v0QJeRRMIqpVJIU:1aJ/iiM3+DkTe9v0RDqpVJIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b42252687dc97757f9036eb0656f014

Files

7b42252687dc97757f9036eb0656f014
.exe windows:5 windows x86 arch:x86

88f6e5b7496032f44d79af7f83f6877d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExA
PostThreadMessageA
DefDlgProcW
DdeFreeStringHandle
SoftModalMessageBox
DlgDirSelectComboBoxExW
CreateDialogParamA
SetSystemCursor

kernel32

ReadConsoleOutputCharacterW
WaitForMultipleObjectsEx
CreateToolhelp32Snapshot
GetModuleHandleA
GetEnvironmentStringsW
RtlMoveMemory
VerLanguageNameW
VirtualProtect
lstrcpyA
SetDefaultCommConfigW
VirtualFreeEx
IsBadHugeReadPtr
FreeConsole
GetCommandLineA
SetConsoleActiveScreenBuffer
GetStartupInfoA
CreateToolhelp32Snapshot

gdi32

CreatePatternBrush
PathToRegion
GetMiterLimit
StrokeAndFillPath
DeleteColorSpace

msvcrt

_environ
__dllonexit
_ismbcprint
_wfindnext64
__argv
_wpgmptr
_ismbblead
_wfreopen
_ui64toa
strncpy

advapi32

SetSecurityDescriptorDacl
AllocateLocallyUniqueId
LsaRetrievePrivateData
RegRestoreKeyW
NotifyBootConfigStatus
EncryptFileA
I_ScSetServiceBitsA
LsaRemovePrivilegesFromAccount
BuildSecurityDescriptorA

Sections

.text
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88f6e5b7496032f44d79af7f83f6877d

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 389KB - Virtual size: 389KB

.data Size: 3KB - Virtual size: 564KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 389KB - Virtual size: 389KB

.data
Size: 3KB - Virtual size: 564KB

.rsrc
Size: 1024B - Virtual size: 1008B