7066ff3e8eb654dc599f3872c0c15d2b

Sharing

Copy URL Twitter E-mail

General

Target

7066ff3e8eb654dc599f3872c0c15d2b
Size

600KB
MD5

7066ff3e8eb654dc599f3872c0c15d2b
SHA1

26407e4430127bc017bc4a6d2fc2b5599f10e09c
SHA256

62bdc897820b1b3cf24a8717d5e45b2e2c6ec4a94f0209e12c8a7ae72300e046
SHA512

dbc700840980e9f1f03203f1ce80e3b5c8b9c949b6dc92e37f3d418390b9307a8578201cb2bc02bfdc1ff09805b1c2fcdc60c1eb16d146547cfe629443beea4e
SSDEEP

12288:rgzTiuKkjdQ7udvHyFuoVgx4MiIZulzbF/U7sxpXEV3VCEs2UZg7TditYxkM7YjO:rgzFK4QAaFuoVgx4/JZ5/UeWV3VCEJyK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7066ff3e8eb654dc599f3872c0c15d2b

Files

7066ff3e8eb654dc599f3872c0c15d2b
.exe windows:4 windows x86 arch:x86

02eee6387652d5de6d002c9776785f7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameA
GetCapture
UnregisterHotKey
NotifyWinEvent
SetUserObjectSecurity
DdeCreateStringHandleA
PackDDElParam
RealChildWindowFromPoint
IsCharAlphaA
SetWindowTextA
CallMsgFilterA
LoadStringA
RegisterClassExA
wvsprintfA
GetWindowRect
GetMenuState
GetDCEx
PostMessageA
VkKeyScanA
GetMenuDefaultItem
RegisterClassA
LookupIconIdFromDirectory
SetScrollRange
InSendMessage
DdeGetLastError
GetWindowTextLengthA
SetProcessWindowStation
GetParent
MessageBoxIndirectW
DestroyCursor
InsertMenuW
DrawAnimatedRects
GetForegroundWindow
SetWindowLongA
SetClassLongA
EnumDisplayDevicesW
RegisterHotKey
ChangeClipboardChain
CreateIconFromResource
MessageBoxIndirectA

comctl32

ImageList_DrawIndirect
ImageList_AddMasked
DrawStatusText
ImageList_LoadImageW
CreatePropertySheetPage
InitCommonControlsEx
ImageList_Merge
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_SetFilter
_TrackMouseEvent
ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_Create
ImageList_GetBkColor
ImageList_GetIcon
ImageList_DragLeave
DestroyPropertySheetPage

kernel32

GetStringTypeExA
SetLocalTime
GetStdHandle
FreeEnvironmentStringsA
GetTickCount
EnterCriticalSection
GetProfileStringA
GetStringTypeW
OpenEventA
RemoveDirectoryA
HeapFree
GetCurrentProcess
MoveFileW
LockFileEx
GetTimeZoneInformation
InterlockedIncrement
LCMapStringW
CloseHandle
ReadConsoleA
WaitForSingleObject
FindResourceExW
InterlockedExchange
GetCompressedFileSizeW
OpenFileMappingW
HeapDestroy
GetStringTypeA
FindFirstFileW
LocalReAlloc
lstrcpyA
HeapReAlloc
OpenMutexA
FindNextChangeNotification
GetProcessHeaps
SetEnvironmentVariableA
CompareStringW
GetNamedPipeHandleStateA
SystemTimeToFileTime
Sleep
LoadLibraryA
GetCurrentProcessId
HeapLock
GetTimeFormatA
LeaveCriticalSection
GetEnvironmentStrings
DebugBreak
VirtualQuery
TlsSetValue
CreateEventA
WriteConsoleA
EnumDateFormatsA
GetFileType
VirtualFree
GetDateFormatA
RtlUnwind
GetLocalTime
LCMapStringA
FindClose
InitializeCriticalSectionAndSpinCount
WriteConsoleOutputCharacterA
LoadLibraryExA
SetHandleCount
GetShortPathNameA
GetDiskFreeSpaceA
HeapSize
InterlockedDecrement
SetStdHandle
GetStartupInfoA
GetConsoleMode
GetCommandLineW
WaitNamedPipeW
TlsFree
VirtualAlloc
GetConsoleOutputCP
lstrlenW
GetModuleFileNameW
SetLastError
FindResourceA
GetLocaleInfoA
CreateProcessW
EnumDateFormatsExA
ConnectNamedPipe
GetModuleHandleA
SetFilePointer
GetPrivateProfileStringA
UnhandledExceptionFilter
FreeEnvironmentStringsW
CompareStringA
IsValidCodePage
LocalUnlock
GetCalendarInfoW
WriteFile
ReadFile
GetProcessAffinityMask
GetEnvironmentStringsW
GetFileAttributesW
GetOEMCP
SetConsoleTitleA
OpenFile
lstrcmpi
GetCurrentThreadId
CreateMutexA
GetUserDefaultLCID
CreateRemoteThread
GetPrivateProfileSectionNamesA
ReadConsoleW
SleepEx
FreeLibrary
TlsGetValue
EnumDateFormatsExW
FlushInstructionCache
GetProcAddress
GetSystemTimeAsFileTime
GetACP
WriteConsoleOutputW
TlsAlloc
GetModuleFileNameA
EnumTimeFormatsW
WideCharToMultiByte
OpenFileMappingA
HeapAlloc
FindResourceExA
MultiByteToWideChar
ExitProcess
GetCPInfo
GetModuleHandleW
GetLocaleInfoW
GetTempPathW
SetConsoleCtrlHandler
GetDriveTypeW
RtlMoveMemory
SetUnhandledExceptionFilter
SetThreadAffinityMask
EnumSystemLocalesA
TerminateProcess
ReleaseSemaphore
DeleteCriticalSection
GetLogicalDriveStringsW
IsValidLocale
GetCurrentThread
GetCommandLineA
OpenSemaphoreW
SetVolumeLabelA
GetTempFileNameW
GetLastError
HeapCreate
FindFirstFileA
IsDebuggerPresent
GetSystemDefaultLCID
GetUserDefaultLangID
QueryPerformanceCounter
WriteConsoleW
LocalShrink
CreateFileA
GetConsoleCP
RaiseException
SetCriticalSectionSpinCount
FlushFileBuffers
SetCurrentDirectoryA

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02eee6387652d5de6d002c9776785f7a

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 12KB - Virtual size: 8KB