7b5de1e2965f5715cf293fc3fa3c5c3c[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7b5de1e2965f5715cf293fc3fa3c5c3c.exe
Size

138KB
MD5

7b5de1e2965f5715cf293fc3fa3c5c3c
SHA1

97f791ca67bdcdfdc29b5a3e05cfe5bc5bb5a2bb
SHA256

786a69e0420b5a0e9ff4e4ea35333e2773f2f11444eb3dca6d1bab1b20ae74e5
SHA512

0f2434eb07a4d9e52a41cd96ca6aec57293760f47e83cd4c98cb30c69409cef08079c422b6d77b4b8b13e3371c2fc48869922fb8e34dd1c4118688b3e71b8e4b
SSDEEP

3072:bl8BCvy4nmvR51+AIqOtYgiUonV6Oj/SSyeu:bdvhk6AIqOt5onV63Nx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b5de1e2965f5715cf293fc3fa3c5c3c.exe

Files

7b5de1e2965f5715cf293fc3fa3c5c3c.exe
.exe windows:4 windows x86 arch:x86

7dd52f0a0f4b026c3d343995be07feb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtTextOutW
OffsetViewportOrgEx
SetMapMode
DeleteDC
SetViewportOrgEx
PtVisible
CreateBitmap
GetStockObject
DeleteObject
SetWindowExtEx
GetClipBox
RestoreDC
ScaleWindowExtEx
TextOutW
ScaleViewportExtEx
RectVisible
SaveDC
Escape
GetDeviceCaps
SetTextColor
SelectObject
SetBkColor
SetViewportExtEx

oleacc

CreateStdAccessibleObject
LresultFromObject

ole32

CoInitialize
CoCreateInstance
CoUninitialize

user32

PeekMessageW
CheckMenuItem
GetSubMenu
MapWindowPoints
LoadCursorW
SystemParametersInfoA
SetPropW
GetMenuState
RegisterClassW
GetSystemMetrics
GetClassLongW
WinHelpW
GetParent
DefWindowProcW
GetDlgCtrlID
GetForegroundWindow
GetClassInfoExW
GetSysColor
GetMenuItemID
EnableMenuItem
GetClassNameW
RemovePropW
DestroyMenu
SetWindowTextW
GetClientRect
PtInRect
EnableWindow
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
GetMenuItemCount
IsWindowEnabled
GetLastActivePopup
CopyRect
UnregisterClassW
ValidateRect
PostQuitMessage
GetWindowLongW
LoadIconW
LoadBitmapW
CallNextHookEx
DrawTextExW
GetSysColorBrush
PostMessageW
SendMessageW
GetWindow
GetWindowTextW
ReleaseDC
ClientToScreen
CallWindowProcW
GetClassInfoW
GetPropW
SetWindowsHookExW
SetWindowPos
GetMenu
GetMessagePos
GetDlgItem
GetKeyState
AdjustWindowRectEx
DestroyWindow
SetWindowLongW
GetMessageTime
GetFocus
GetCapture
DrawTextW
DispatchMessageW
TabbedTextOutW
GrayStringW
CreateWindowExW
IsIconic
GetDC
GetWindowRect
ModifyMenuW
GetTopWindow
GetWindowPlacement
SetForegroundWindow
MessageBoxW
SetMenuItemBitmaps
RegisterWindowMessageW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathAppendA
PathFileExistsW
PathCanonicalizeA
PathFileExistsA
PathIsDirectoryEmptyA
StrStrA
PathCanonicalizeW
PathRemoveBackslashW
PathFindExtensionA
PathAppendW
StrStrW
PathRemoveFileSpecA
PathFindExtensionW
PathFindFileNameW
PathAddBackslashW
PathIsDirectoryW
PathAddExtensionW
PathIsDirectoryA
PathIsDirectoryEmptyW

kernel32

HeapDestroy
lstrcpynW
GetLastError
InterlockedDecrement
DeleteCriticalSection
CopyFileA
GetModuleHandleW
HeapSize
TlsGetValue
GetVersion
TlsSetValue
GetTickCount
LocalReAlloc
GlobalReAlloc
DeleteFileW
GlobalUnlock
GetStartupInfoW
lstrcatW
FreeLibrary
LocalFree
GlobalFindAtomW
GetProcAddress
ExitProcess
DebugActiveProcessStop
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcess
GetCurrentProcessId
SetLastError
TlsAlloc
SetFileAttributesW
QueryPerformanceCounter
FindResourceW
SetFilePointer
InterlockedIncrement
lstrcmpW
EnterCriticalSection
ReadFile
GlobalLock
GlobalAddAtomW
DeleteFileA
LeaveCriticalSection
GetThreadLocale
SetFileAttributesA
LoadLibraryA
WideCharToMultiByte
FlushFileBuffers
LockResource
MultiByteToWideChar
EnumResourceLanguagesA
TlsGetValue
GetVersionExW
CreateDirectoryA
MoveFileA
TerminateProcess
GetSystemInfo
CopyFileW
GlobalHandle
RtlUnwind
FormatMessageW
WriteFile
HeapFree
GetLocaleInfoA
RaiseException
HeapAlloc
InitializeCriticalSection
GetACP
ExitProcess
GlobalDeleteAtom
CreateDirectoryW
GlobalFlags
LocalAlloc
GetCurrentThreadId
GetModuleHandleA
lstrcpyW
TlsFree
RemoveDirectoryW
InterlockedExchange
VirtualProtect
VirtualAlloc
LoadResource
HeapReAlloc
MoveFileW
HeapCreate
VirtualQuery
SizeofResource
RemoveDirectoryA

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dd52f0a0f4b026c3d343995be07feb9

Headers

File Characteristics

Imports

gdi32

oleacc

ole32

user32

winspool.drv

shlwapi

kernel32

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 208KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 208KB