7cb9d1ffeac161c0ea0521abb71b0170

Sharing

Copy URL Twitter E-mail

General

Target

7cb9d1ffeac161c0ea0521abb71b0170
Size

145KB
MD5

7cb9d1ffeac161c0ea0521abb71b0170
SHA1

4a0b17b0d4718bec71fa95f62ab2f066346cd4b4
SHA256

8d3c6217029533c652206928cc4b081682aa065dda6889728bc9a9055525e7e8
SHA512

59957937d338ca50bc3152ae896286582442e79857d62f91737ee1c92dd6c8f838113baf635a3afcaacc25382e336404d91826455d37144b570247d0103b4aef
SSDEEP

1536:GZr2eZLVPhdmR0FUYyCGnAhxfFIFXgGPYnP+QPDbFkJ7y1rH4tdlm6ejk:GVJV8mvyCoAhdFIfPYnP+4DZkiuvej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cb9d1ffeac161c0ea0521abb71b0170

Files

7cb9d1ffeac161c0ea0521abb71b0170
.dll windows:5 windows x86 arch:x86

51f6597614d102fc05d109c8c9b8d4ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

wcslen
strlen
_vsnwprintf

shlwapi

StrRStrIA
StrToIntExW
StrCSpnIW
StrRChrA
StrDupW
PathAppendW
StrToIntW

shell32

ord685

kernel32

GetFileSize
FindResourceA
LoadResource
ClearCommError
GetNamedPipeHandleStateA
GetCommProperties
GetModuleHandleW
SetFileTime
LoadLibraryA
WideCharToMultiByte
SetThreadPriority
GetProcessVersion
CreateEventW
OpenEventW
SetCurrentDirectoryA
CreateHardLinkA
FlushViewOfFile
DisconnectNamedPipe
GetTickCount
SleepEx
DosDateTimeToFileTime
FileTimeToDosDateTime
WaitNamedPipeW

user32

SetScrollRange
CreateAcceleratorTableW
PostMessageW
RealGetWindowClassW
SetWindowRgn
GetWindow
TranslateMDISysAccel
DestroyIcon
ToUnicode
FindWindowA
RedrawWindow
ReleaseDC
GetDCEx
SetCursorPos
CreateIcon
GetWindowTextA
IsDialogMessageA
GetWindowTextLengthA
CharLowerBuffW
CharPrevExA
DialogBoxParamW
GetLastActivePopup
IsZoomed
InvertRect
DrawTextExA
DrawFocusRect
TranslateMessage
LockWindowUpdate
MessageBoxA
GetAncestor
EnumPropsA
GetWindowTextW
PeekMessageW
GetWindowContextHelpId
GetAltTabInfoW
MapWindowPoints
UnregisterHotKey
GetPropW
DispatchMessageW
GetParent
GetDC
GetMenuItemRect
LoadMenuW

gdi32

GetDIBColorTable
SetColorAdjustment
SetDIBits
SaveDC
PolyPolyline
PtInRegion
GetTextColor
CreateBitmapIndirect
ScaleViewportExtEx
GetCharacterPlacementA
SetMapMode
GetBoundsRect
SetTextColor
AddFontResourceA
GetBitmapBits
GetClipRgn
SetTextAlign

advapi32

GetLengthSid
InitializeSid
AreAllAccessesGranted
EqualPrefixSid

Exports

Exports

__ReadFile@12
__WriteFile@12

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mtemp
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etable
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51f6597614d102fc05d109c8c9b8d4ea

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.icode Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 260B

.mtemp Size: 512B - Virtual size: 128B

.etable Size: 1024B - Virtual size: 540B

.rsrc Size: 123KB - Virtual size: 123KB

.reloc Size: 1024B - Virtual size: 838B

.text
Size: 2KB - Virtual size: 1KB

.icode
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 260B

.mtemp
Size: 512B - Virtual size: 128B

.etable
Size: 1024B - Virtual size: 540B

.rsrc
Size: 123KB - Virtual size: 123KB

.reloc
Size: 1024B - Virtual size: 838B