07a7df8c9fe37daa2139cf5a27effb50

Sharing

Copy URL Twitter E-mail

General

Target

07a7df8c9fe37daa2139cf5a27effb50
Size

51KB
MD5

07a7df8c9fe37daa2139cf5a27effb50
SHA1

5ef70a49754b66e9f3e8de52418193cc8d5be765
SHA256

2452c5c232e5447d295d2a3e0a79ded0b8a73220f05e559f43d80138e469d7c7
SHA512

24a4e5fde4c67399f52096dc50455d7b7d1575be1f7bc0c91086a5b95742a308c4a39dcb55f26244c45cafb88ae7b7f8436c7f807504bf68dcec11b6c66c69fa
SSDEEP

768:9X0d00qYIl3HizD6+WirYvozlnhNC0RtF99K/3:I0XYIl3y2+5zljRRP9G3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07a7df8c9fe37daa2139cf5a27effb50

Files

07a7df8c9fe37daa2139cf5a27effb50
.exe windows:1 windows x86 arch:x86

986ba2da53140f6acf8faf3ee5e31ae8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileTime
SetFileTime
GetProcAddress
CreateToolhelp32Snapshot
SetThreadPriority
GlobalMemoryStatus
ExitProcess
GetTempPathA
GetProcessHeap
GetLocalTime
UnmapViewOfFile
Sleep
CreateFileMappingA
CreateProcessA
HeapAlloc
FindClose
GetWindowsDirectoryA
GetTimeZoneInformation
GetVersionExA
GetSystemDirectoryA
GetModuleHandleA
MapViewOfFile
GetFileSize
WideCharToMultiByte
SystemTimeToFileTime
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetDiskFreeSpaceA
GetDriveTypeA
CreateThread
GetCommandLineA
GetACP
LoadLibraryA
FindNextFileA
HeapFree
FindFirstFileA
Module32First
GetSystemTimeAsFileTime
GetSystemTime
FileTimeToSystemTime
CloseHandle
GlobalAlloc
DeleteFileA
GetModuleFileNameA
CopyFileA
FreeLibrary
lstrcmpA
WriteFile
CreateFileA
TerminateProcess
Module32Next
OpenProcess
Process32First
Process32Next

user32

ToAscii
SetWindowsHookExA
SetKeyboardState
PeekMessageA
GetWindowTextA
GetSystemMetrics
GetKeyboardState
GetKeyNameTextA
GetForegroundWindow
GetDesktopWindow
GetDC
GetActiveWindow
DispatchMessageA
CharUpperA
CharLowerA
CallNextHookEx
GetMessageA
SetForegroundWindow
UnhookWindowsHookEx

wsock32

send
select
recv
ntohl
listen
htons
htonl
gethostname
gethostbyname
gethostbyaddr
socket
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
WSACleanup

advapi32

RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
GetUserNameA

gdi32

GetDeviceCaps

rasapi32

RasGetEntryPropertiesA
RasEnumEntriesA
RasEnumConnectionsA

Sections

CODE
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

986ba2da53140f6acf8faf3ee5e31ae8

Headers

File Characteristics

Imports

kernel32

user32

wsock32

advapi32

gdi32

rasapi32

Sections

CODE Size: 32KB - Virtual size: 36KB

DATA Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

CODE
Size: 32KB - Virtual size: 36KB

DATA
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB