07bcab3044469376542c86a5fef895a6

Sharing

Copy URL Twitter E-mail

General

Target

07bcab3044469376542c86a5fef895a6
Size

529KB
MD5

07bcab3044469376542c86a5fef895a6
SHA1

ee146da5dae1dfee9f4464f9902473815d8ce31f
SHA256

98eadea85cdd4a1965550930bc32fbfb2a327470e70a97ca010f46287668d136
SHA512

52c20194f0ad9bd77a59981f85c06c7ef64fc9aedb779b49c282be3eaf7369e8c76cca682ad7655ae9a3f3cc26a6ff3236e684b9505559d21868bd2f253fb494
SSDEEP

12288:+wZTo/iKQHMB/JHBDfg4CKTyydUZOgrUq8aLMmqtq:+iTo/iKY0/3fRRjt9q8ajk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07bcab3044469376542c86a5fef895a6

Files

07bcab3044469376542c86a5fef895a6
.exe windows:4 windows x86 arch:x86

aaa79474b937c84f5504a3af25b259f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateColorSpaceW
SetBitmapDimensionEx
PlayMetaFile
GetRegionData
GetCharABCWidthsW
CheckColorsInGamut

user32

RegisterClassExA
RegisterClassA
WINNLSGetIMEHotkey
MonitorFromWindow
SetClassWord

kernel32

GetUserDefaultLCID
FreeLibrary
EnumSystemLocalesA
GetFileType
GetConsoleMode
Sleep
OpenMutexA
GetConsoleOutputCP
HeapSize
TlsSetValue
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetTimeFormatA
SetHandleCount
GetStdHandle
GetEnvironmentStringsW
TerminateProcess
IsValidCodePage
InterlockedIncrement
GetStartupInfoA
GetStartupInfoW
SetFilePointer
MultiByteToWideChar
CloseHandle
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
GetTimeZoneInformation
GetLocaleInfoW
GetProcAddress
VirtualQuery
GetCurrentThreadId
SetLastError
InterlockedDecrement
GetCurrentProcess
CreateFileA
ReadFile
GetCurrentThread
GetTickCount
VirtualAlloc
GetModuleFileNameA
TlsGetValue
CompareStringA
GetCommandLineW
TlsAlloc
HeapFree
TlsFree
GetLocaleInfoA
WriteFile
CreateMutexA
IsValidLocale
GetDateFormatA
GetModuleHandleA
HeapDestroy
GetACP
HeapCreate
GetSystemTimeAsFileTime
LoadLibraryA
UnhandledExceptionFilter
GetCPInfo
GetLastError
InterlockedExchange
RtlUnwind
WriteConsoleW
VirtualFree
CompareStringW
SetStdHandle
FreeEnvironmentStringsW
GetConsoleCP
WideCharToMultiByte
WriteConsoleA
TerminateThread
GetCurrentProcessId
LCMapStringW
LCMapStringA
HeapAlloc
SetConsoleCtrlHandler
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
IsDebuggerPresent
FlushFileBuffers
GetOEMCP

wininet

FtpRemoveDirectoryA
InternetFortezzaCommand
InternetGetConnectedStateExW
InternetCheckConnectionW
FtpGetFileSize
DeleteUrlCacheContainerW
IsHostInProxyBypassList
GetUrlCacheGroupAttributeA
InternetSecurityProtocolToStringW

comdlg32

GetSaveFileNameA
ChooseColorA

comctl32

InitCommonControlsEx

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaa79474b937c84f5504a3af25b259f2

Headers

File Characteristics

Imports

gdi32

user32

kernel32

wininet

comdlg32

comctl32

Sections

.text Size: 197KB - Virtual size: 196KB

.rdata Size: 9KB - Virtual size: 16KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 197KB - Virtual size: 196KB

.rdata
Size: 9KB - Virtual size: 16KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 4KB