7dc8a2216980404edffa9a2e60f68808

Sharing

Copy URL Twitter E-mail

General

Target

7dc8a2216980404edffa9a2e60f68808
Size

293KB
MD5

7dc8a2216980404edffa9a2e60f68808
SHA1

99c5b9e8ceff4aee3007006632855bc89aa3a609
SHA256

d00bfded534c8a65a73d876821fef21d368638ca4e766452d9243533ece0bc19
SHA512

f6fd4428c5a63db5daf6b19a446962a431f0e34a3725c9ff63bc731fa34d943b5685e7df9778beb83dc3e25eed55bd7c5d32a1e8622eec4a5fd6bdf085388151
SSDEEP

6144:0CCp4sLYfPqNoWYQYCwm6XNiZQPzLGcnt0ew6Vr8SCbn:0CCp4p64Qu9iinX0dH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dc8a2216980404edffa9a2e60f68808

Files

7dc8a2216980404edffa9a2e60f68808
.exe windows:5 windows x86 arch:x86

e0ba39fd4ebd77c6f948b8754fa0174b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiEntry12
EngQueryLocalTime
GetBkMode
SetPixelV
GetPolyFillMode
EudcLoadLinkW
CopyEnhMetaFileW
GetTextMetricsW
PolyPolyline
GetViewportExtEx
SetBitmapDimensionEx
CloseMetaFile
UpdateICMRegKeyW
UnloadNetworkFonts
GetCharacterPlacementW
GetICMProfileA
SetGraphicsMode
GetEnhMetaFilePaletteEntries
CopyEnhMetaFileW
CreateDIBitmap
GetOutlineTextMetricsA
FillRgn
ColorCorrectPalette
GetTextExtentPointI

shell32

RealShellExecuteW
Shell_NotifyIconA
OpenAs_RunDLLA
DragAcceptFiles
SHGetDiskFreeSpaceExW
DoEnvironmentSubstA
DllRegisterServer
SHGetDataFromIDListW
StrRChrA
InternalExtractIconListA
ExtractAssociatedIconA
DragQueryFile
SHIsFileAvailableOffline
Shell_NotifyIcon
ExtractIconW
StrRChrIA
SHGetDiskFreeSpaceExW
PrintersGetCommand_RunDLLA
SHPathPrepareForWriteW
ShellExecuteExA
RegenerateUserEnvironment
SHIsFileAvailableOffline
ShellExec_RunDLL
StrCmpNA
StrRChrW
StrRChrA
FreeIconList
StrStrIW

user32

GetDlgItemTextW
DdeImpersonateClient
SetWindowRgn
GetAppCompatFlags
ReuseDDElParam
DdeReconnect
EndPaint
CharToOemBuffW
UserRealizePalette
LookupIconIdFromDirectoryEx
GetAltTabInfo
ClipCursor
EnableScrollBar
FlashWindow
GetAppCompatFlags2
SetCaretPos
CharPrevW
SetForegroundWindow
ToAscii
CallMsgFilter
GetMonitorInfoA
AdjustWindowRectEx
FrameRect
HiliteMenuItem
DrawCaptionTempW
CopyImage
GetScrollBarInfo
HiliteMenuItem
CreateAcceleratorTableW

kernel32

SetFilePointer
CompareStringA
GetProfileStringW
GetConsoleFontInfo
SwitchToFiber
CallNamedPipeW
GetModuleHandleW
Module32NextW
FreeEnvironmentStringsA
GetLongPathNameA
lstrcpyA
BuildCommDCBAndTimeoutsW
ExpandEnvironmentStringsW
SystemTimeToFileTime
GetBinaryTypeA
GetNumberOfConsoleInputEvents
GetCommandLineW
HeapFree
GetOverlappedResult
GetThreadSelectorEntry
FindFirstFileA
SetConsoleNlsMode
GetCompressedFileSizeA
WaitForMultipleObjectsEx

advapi32

SetFileSecurityA
WmiEnumerateGuids
QueryServiceConfig2W
RegLoadKeyA
ProcessTrace
LsaSetQuotasForAccount
GetMultipleTrusteeOperationW
EnumServicesStatusExW
RegQueryValueExW
CryptSetKeyParam
RegUnLoadKeyA
RegUnLoadKeyW
LsaOpenTrustedDomain
GetSidSubAuthority
RegOpenUserClassesRoot
GetExplicitEntriesFromAclW
SetServiceBits
LsaLookupNames
SystemFunction032
GetNamedSecurityInfoA
ElfOpenEventLogW
RegOpenKeyA
SetPrivateObjectSecurityEx
CryptSignHashW
GetAccessPermissionsForObjectW

Sections

.text
Size: 285KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0ba39fd4ebd77c6f948b8754fa0174b

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shell32

user32

kernel32

advapi32

Sections

.text Size: 285KB - Virtual size: 476KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 285KB - Virtual size: 476KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB