7b722b1a1468521d3835b9ec6ae6f489

Sharing

Copy URL

Twitter E-mail

General

Target

7b722b1a1468521d3835b9ec6ae6f489
Size

1.8MB
MD5

7b722b1a1468521d3835b9ec6ae6f489
SHA1

25d257d8ffdcc3d381d528762e88d9521cb69d42
SHA256

b7c28d5f830c3e40bc9a86bb17116a2a52dd550f4492644abde97355f621033e
SHA512

acb7e26422526054ae9e9c4df91d0793fb8d455b21d0d71087db7eff9fc478ca189c2f9a3ef3751d1ea95340c808dacd898a068fc1e7be6dae2abcb4ae1c8321
SSDEEP

49152:5SUtD+mjeXp1030T09o5STaigawNDxgxotLu:76dL0klwTai5sLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

7b722b1a1468521d3835b9ec6ae6f489

resource
7b722b1a1468521d3835b9ec6ae6f489

Files

7b722b1a1468521d3835b9ec6ae6f489
.exe windows:6 windows x86 arch:x86

580c12bcc09fe491ba62fc05087d045e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetModuleFileNameW
ExitProcess
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleExW
SetEnvironmentVariableW
SetStdHandle
GetTickCount
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
GetTempFileNameA
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
WideCharToMultiByte
SystemTimeToFileTime
VirtualAllocEx
SetFilePointerEx
GetLocalTime
GetSystemInfo
GetDateFormatA
VerLanguageNameA
GetLastError
GetTimeZoneInformation
GetTempPathA
GetSystemDefaultLangID
GetCurrentProcess
GetFileSizeEx
CompareFileTime
RaiseException
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
FreeLibrary
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
CloseHandle
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
WaitForSingleObject
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
WriteConsoleW

user32

GetCursorPos
SetTimer
SetCursorPos
IsIconic
InvalidateRect
UpdateWindow
EnumWindowStationsA
GetMessageA
DispatchMessageA
GetWindowRect
GetClipboardFormatNameA
SendMessageW
GetSystemMetrics
GetShellWindow
GetDlgItemTextA
GetDC
GetWindowTextA
GetForegroundWindow
TranslateMessage
SetWindowContextHelpId
LoadCursorW
SendMessageA
GetWindowDC
SetCursor
GetCaretBlinkTime

gdi32

BitBlt
SelectObject
SetWinMetaFileBits
CreateCompatibleDC
SetPixel
SetICMProfileA
StretchBlt
GetICMProfileA
UpdateColors
SetWindowExtEx
EnumFontFamiliesW
SetViewportExtEx
StrokeAndFillPath
GetPixel
DeleteDC
TextOutW
SetTextColor
TextOutA
SetViewportOrgEx
SetTextJustification
EnumFontFamiliesA
SetStretchBltMode
DeleteObject
CreateSolidBrush
CreateBitmap
SetWorldTransform
UnrealizeObject
WidenPath
GetObjectA
SetTextCharacterExtra
SetTextAlign

advapi32

RegOpenKeyExA
RegCloseKey

ole32

CoTaskMemFree
StringFromCLSID

oleaut32

LoadTypeLi

comctl32

ImageList_DrawEx
ImageList_GetIcon
ImageList_DragLeave
ImageList_LoadImageW
ord4
ImageList_Create
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Add
ImageList_SetBkColor
ImageList_DragEnter
ord5
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Replace
ImageList_LoadImageA
ImageList_Draw

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

msimg32

TransparentBlt

oleacc

GetOleaccVersionInfo
GetRoleTextW
WindowFromAccessibleObject
AccessibleChildren
CreateStdAccessibleObject
GetRoleTextA

Sections

.text
Size: 938KB - Virtual size: 938KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 821KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

580c12bcc09fe491ba62fc05087d045e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

version

msimg32

oleacc

Sections

.text Size: 938KB - Virtual size: 938KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 821KB - Virtual size: 820KB

.text
Size: 938KB - Virtual size: 938KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 821KB - Virtual size: 820KB