7e29c48f55c1d213e91d635c1a8675dc

Sharing

Copy URL Twitter E-mail

General

Target

7e29c48f55c1d213e91d635c1a8675dc
Size

25KB
MD5

7e29c48f55c1d213e91d635c1a8675dc
SHA1

147764325bceb27a36629453dbd8092e79350fc7
SHA256

94e34c1cbaff196c2ecaa9cbf7b2b7dfeddd28f5af61e014939b77a3d8cf43ca
SHA512

20ac1eb52264e403a10e896866c2e3cb5886ae22b8b9b14ba461023d7eb6a454f481a7e568ddeb3b69c3dacc0eca0b336cec681468ce29e3a62db6fc1cd21de9
SSDEEP

384:5lYYDaTYz6/+qTIWZtXizO7ymnawz0VS8s28hkk1A0ADA50uxuLLycxIil/s:7YIGTTIW3r7ymaa0d8ak1tA8ZR0l/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e29c48f55c1d213e91d635c1a8675dc

Files

7e29c48f55c1d213e91d635c1a8675dc
.exe windows:4 windows x86 arch:x86

5c1389e509ac6d488a4d73049b80a5e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_CIsinh
_wspawnl
_mbstrlen
_acmdln
_wspawnvpe
_getche
_mbsnbcoll
strncat
_adj_fdiv_m64
_read
ftell
_wpgmptr
__p___winitenv
_wputenv
ceil
_mbctype
_mbsninc
memchr
__winitenv
_cabs
_tolower
_mbcjmstojis
ispunct
log
log10
_wopen
is_wctype
_wcsnset
_controlfp

gdi32

SetWinMetaFileBits
GetROP2
SetAbortProc
SetLayout
CheckColorsInGamut
GetTextCharset
GetMiterLimit
CreateMetaFileA
SetRectRgn
GetTextMetricsA
SetLayout
CancelDC
GetCharWidth32W
GetObjectA
PlayEnhMetaFile
GetCurrentPositionEx
GetObjectType

user32

RemovePropW
GetUserObjectSecurity
ToAsciiEx
CharLowerBuffW
ToUnicode
GetParent
ScrollWindowEx
EnumDisplayDevicesW
DdeCmpStringHandles
AdjustWindowRect
AnimateWindow
GrayStringW
DefDlgProcA
EnumWindows
GetDlgItemTextA
GetWindowDC
MessageBoxA
OpenDesktopA
GetWindowTextW
SetParent
ChangeClipboardChain
GetSubMenu
GetClassInfoExW
InsertMenuA
CharToOemBuffW
RedrawWindow
UserClientDllInitialize
WaitForInputIdle
SetDeskWallpaper
wsprintfA
GetDlgItemTextW
GetListBoxInfo

advapi32

GetTrusteeNameA
RegOpenKeyA
CryptGetUserKey
BackupEventLogW
LockServiceDatabase
GetUserNameA
GetSecurityDescriptorDacl
MapGenericMask
CryptDeriveKey
RegOpenKeyW
CryptCreateHash
GetSecurityInfo
BuildExplicitAccessWithNameA
CryptDestroyKey
LookupPrivilegeValueA
GetKernelObjectSecurity
GetSidSubAuthority
GetUserNameW

kernel32

GetModuleHandleW
lstrcmpA
lstrcmpW
VirtualFree
GetCommProperties
GetModuleFileNameW
CreateDirectoryW
GetConsoleMode
GetPrivateProfileSectionNamesA
GetLastError
FatalAppExitA
lstrcmpiA
GetProcessHeap
GetOEMCP
lstrlenA
GetEnvironmentStringsA
LeaveCriticalSection
lstrcmpiW
OutputDebugStringA
lstrcpynA
ReadConsoleOutputCharacterW
WaitForSingleObjectEx
VerLanguageNameA
GetProcessShutdownParameters
SetCommMask
RtlZeroMemory
LoadLibraryExA
EnumResourceLanguagesW
GetStdHandle
DebugActiveProcess
ExitProcess
GetModuleHandleA
SetErrorMode
VirtualAllocEx
GetStartupInfoW
GetStartupInfoA
GetCommandLineW
GetCalendarInfoW
GetProcessHeaps
GetLocalTime

Sections

.text
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hvy
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pfhh
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c1389e509ac6d488a4d73049b80a5e0

Headers

File Characteristics

Imports

msvcrt

gdi32

user32

advapi32

kernel32

Sections

.text Size: 16KB - Virtual size: 17KB

.hvy Size: 4KB - Virtual size: 13KB

.pfhh Size: 3KB - Virtual size: 26KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 17KB

.hvy
Size: 4KB - Virtual size: 13KB

.pfhh
Size: 3KB - Virtual size: 26KB

.reloc
Size: 1024B - Virtual size: 1KB