f7b7edc7658aff3e9748c43caf3adea7

Sharing

Copy URL Twitter E-mail

General

Target

f7b7edc7658aff3e9748c43caf3adea7
Size

60KB
MD5

f7b7edc7658aff3e9748c43caf3adea7
SHA1

bd1b2353e6917431aaa5f8bb184e96adc11dac18
SHA256

73ee779c5c0bde895b75b3d14196eedd7861004a21029aab9b7bf808bb6e34b2
SHA512

44891c8a55fbfa1d682d57737a2111982de75300baf4fe703fa76a1ff1a04c1188c4bf18ba3c4c965f90b8a6c7367539799d8f92493f11ba7603af385b0673d8
SSDEEP

768:FikTo6q041IX7MzkOe7ngw0ut7lS0fmkJzOrX+ch5aBWZdak8kfYLMfubl2J:FioX4kvgwf7A0fOrXbh5a0f7Ql2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7b7edc7658aff3e9748c43caf3adea7

Files

f7b7edc7658aff3e9748c43caf3adea7
.exe windows:4 windows x86 arch:x86

03614e13b42821d353a045b0b3312229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
lstrcatA
lstrcpyA
GetTickCount
ReleaseMutex
lstrlenA
GetShortPathNameA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
CreateMutexA
lstrcmpA
GetModuleHandleA
GetCommandLineA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LocalFree
CompareFileTime
GlobalFree
GlobalAlloc
GetSystemDefaultLCID
GetVolumeInformationA
GetWindowsDirectoryA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WriteFile
HeapAlloc
DeleteFileA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetModuleFileNameA
GetFileAttributesA
GetStdHandle
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetStartupInfoA
ExitProcess
VirtualQuery
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

PostQuitMessage
DefWindowProcA
wsprintfA
SendMessageA
CharUpperA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
DestroyWindow
UpdateWindow

advapi32

RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
VariantClear

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03614e13b42821d353a045b0b3312229

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 71KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 71KB