0f7c7ab0427fbbeff380be0c8a779db2

Sharing

Copy URL Twitter E-mail

General

Target

0f7c7ab0427fbbeff380be0c8a779db2
Size

43KB
MD5

0f7c7ab0427fbbeff380be0c8a779db2
SHA1

b2a2536c5e0fba95340cc8e2f9b3f15e9e899485
SHA256

a2bf6d56b60235549ee1379012b24606809a9a7ca059e5e971f6bedcb370b80e
SHA512

e0829a16edc3f0c7f21a89556fc317caac5c3008f13752f339656fc1a7a8b925e29383fa1cc2622be8888c73f81af0c2cde427a834a1ca07d390e87c848970ff
SSDEEP

768:lSpEck29yfUE9wKs4EUT2iDq8Q0oAYo/rw7gOh+YjjQkgiJBlhI8/7:l4XMf7EqPDq8Q0LYVgzylhx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f7c7ab0427fbbeff380be0c8a779db2

Files

0f7c7ab0427fbbeff380be0c8a779db2
.exe windows:4 windows x86 arch:x86

2ef317efe5b31b20b928dc51a1381402

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lclose
VirtualProtect
CreateJobObjectA
VirtualLock
SetConsoleNlsMode
PeekConsoleInputA
EscapeCommFunction
GetStringTypeA
GetLastError
CreateMailslotW
VDMOperationStarted
OpenWaitableTimerA
OpenSemaphoreA
SetProcessWorkingSetSize
LeaveCriticalSection
GetConsoleCommandHistoryLengthW
CreateEventW
SetConsoleHardwareState
GetProcessIoCounters
HeapAlloc
PulseEvent
SetDefaultCommConfigA

user32

SetDlgItemTextA
GetMenuState
EnableScrollBar
DdeDisconnectList
GetKeyboardLayout
GetAltTabInfoA
DlgDirListA
IsWindowEnabled
InsertMenuItemA
GetMenuContextHelpId
EndDialog
GetMonitorInfoA
MapDialogRect
ToUnicodeEx
FindWindowA
MessageBoxIndirectA
AdjustWindowRectEx
GetWindowModuleFileNameW
SubtractRect
SetClassLongW
DdeUnaccessData
GetInputDesktop
MenuWindowProcA
GetTabbedTextExtentW
DdeReconnect
ShowWindow
ScreenToClient
DrawFrameControl
DdeGetLastError

gdi32

GetCharWidthA
GdiFixUpHandle
GetNearestPaletteIndex
GdiReleaseLocalDC
GdiEntry16
EngLockSurface
GdiGradientFill
GetClipRgn
PathToRegion
BitBlt
StrokePath
EngStretchBlt
EngCreateBitmap
RemoveFontResourceExA
CLIPOBJ_ppoGetPath
ExcludeClipRect
FixBrushOrgEx
GdiSetServerAttr
ColorMatchToTarget
SetVirtualResolution
CreateEnhMetaFileW
Escape
AddFontResourceTracking
GdiSwapBuffers
GetTextExtentExPointW
GetTextCharacterExtra
SetWindowOrgEx
GetPixelFormat

comdlg32

ReplaceTextA
FindTextW
GetSaveFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW
dwLBSubclass
PageSetupDlgA
PrintDlgExW
ChooseColorA

psapi

EnumProcesses
GetModuleFileNameExW
GetProcessMemoryInfo
GetDeviceDriverFileNameW
QueryWorkingSet
InitializeProcessForWsWatch
GetModuleBaseNameA
EmptyWorkingSet
GetWsChanges
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameA
EnumDeviceDrivers

comctl32

ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_DrawIndirect
CreateToolbarEx
ImageList_ReplaceIcon
CreateStatusWindowW
DestroyPropertySheetPage
FlatSB_SetScrollInfo
ImageList_SetFlags
ImageList_Create
InitCommonControlsEx
CreateStatusWindow
ImageList_Merge
InitializeFlatSB
ImageList_GetDragImage
PropertySheet
ImageList_GetImageCount
DrawStatusText
ImageList_Draw
PropertySheetW
DrawStatusTextW
ImageList_Write
CreateMappedBitmap
UninitializeFlatSB
ImageList_AddIcon
FlatSB_SetScrollProp
GetMUILanguage

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ef317efe5b31b20b928dc51a1381402

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 34KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 34KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 4KB