7ec4eeae40ad0b0ff3c963b99e9821eb

Sharing

Copy URL Twitter E-mail

General

Target

7ec4eeae40ad0b0ff3c963b99e9821eb
Size

100KB
MD5

7ec4eeae40ad0b0ff3c963b99e9821eb
SHA1

6f7146bda1c3781bdb3472fc33ea441047eab035
SHA256

19f8c0aa23b7c8ea92479926c7bd58ad650c438f0d510cb8812728b6badc6940
SHA512

a726ca97d327599f02ff38ee457121d8e8741c97e1ced946363494aef5d152cd48465342f541a01a04e1163087d96af7e8f053a06bf77069870b4063ea60640c
SSDEEP

3072:EFnzjh4PP2N3XkExrpogsAocpzJnW9zn:EFzjmPP6XtVXHzJ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ec4eeae40ad0b0ff3c963b99e9821eb

Files

7ec4eeae40ad0b0ff3c963b99e9821eb
.exe windows:4 windows x86 arch:x86

1fc372df19a49583f256b6bb9834ea06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
exit
fread
fopen
_iob
__p__commode
_adjust_fdiv
calloc
__setusermatherr
__set_app_type
_cexit
__p__fmode
_except_handler3
__getmainargs
_initterm
strncpy
_snprintf
free
_exit
malloc
memmove

kernel32

ReadFile
GetConsoleOutputCP
GetDriveTypeA
GetTickCount
GetProcAddress
GetUserDefaultLangID
WriteFile
GetDateFormatA
GetStartupInfoA
SetFileTime
GetModuleFileNameA
GetModuleHandleA
lstrcmpA
GetTimeZoneInformation
GlobalLock
QueryPerformanceCounter
LoadLibraryExW
FreeLibrary

user32

SendMessageA
SetClassLongA
CreateWindowExA
EnumWindows
SetCursor
GetDesktopWindow
LoadStringA
GetWindowRect
GetSystemMetrics
FindWindowA
InvalidateRect
RemoveMenu
DrawFrameControl
GetDlgItem
EnableWindow

advapi32

OpenServiceW
DeleteService
IsValidSid
OpenThreadToken
GetTokenInformation
RegDeleteValueA
SetSecurityDescriptorDacl
InitializeAcl
OpenServiceA
AllocateAndInitializeSid
AddAccessAllowedAce
RegEnumKeyExA
ControlService

oleaut32

SafeArrayGetUBound
SysAllocStringByteLen
VariantCopyInd
SysStringLen
SetErrorInfo
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayRedim

gdi32

GetTextMetricsA
Polyline
Pie
Escape
DPtoLP
StrokePath
StretchDIBits
GetTextFaceA
GetEnhMetaFileHeader
CopyMetaFileA
EnumFontFamiliesA

ole32

OleInitialize
CreateItemMoniker
CoGetMalloc
CoFreeUnusedLibraries
CoCreateInstance
CoGetClassObject
CoLoadLibrary
CoInitializeSecurity

comctl32

ImageList_BeginDrag
PropertySheetW
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_DrawEx
ImageList_LoadImageA
ImageList_GetIconSize
CreatePropertySheetPageW
CreateToolbarEx
ImageList_Destroy

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fc372df19a49583f256b6bb9834ea06

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

oleaut32

gdi32

ole32

comctl32

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 16KB - Virtual size: 15KB