7314894b6e1e842b756c5e9dad58ff3f

Sharing

Copy URL Twitter E-mail

General

Target

7314894b6e1e842b756c5e9dad58ff3f
Size

349KB
MD5

7314894b6e1e842b756c5e9dad58ff3f
SHA1

91afeee0da2cea309f9ff15c02e49e7e7d5918fb
SHA256

8357d9f6457f31d87a2bb0de8f732d82ba804aacbe0bc9a853529ec7dad0ae66
SHA512

64312e137fb434079c980299a93719ab1ef22220afdbe9bc4e33255a81f699db443d730cdce972f28773f067f47d41b61f15092ea4494c2d4d34abe8a5e3d0e3
SSDEEP

6144:AQSWXrrhZgOtAOfOONOmeelHz4FxoU4dpLskrg5h/U0TFZEC:AQDZBtNNZzHEFfZMg39IC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7314894b6e1e842b756c5e9dad58ff3f

Files

7314894b6e1e842b756c5e9dad58ff3f
.exe windows:5 windows x86 arch:x86

19fc86078531729ee34b15bce6505ddc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumWindows
EndPaint
GetDC
GetDlgItem
GetLastActivePopup
GetParent
GetSystemMetrics
DispatchMessageA
DestroyWindow
DestroyIcon
DefWindowProcA
CreateWindowExA
CreateDialogParamA
CallNextHookEx
BeginPaint
CharUpperBuffA
CharToOemBuffA
ExitWindowsEx
DdeGetData
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoA
ShowWindow
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowLongA
SendMessageTimeoutA
SendMessageA
ReleaseDC
RegisterClassExA
RegisterClassA
RedrawWindow
PostMessageA
PeekMessageA
OffsetRect
OemToCharBuffA
MoveWindow
MessageBoxA
LoadStringA
LoadImageA
LoadIconA
IsWindowVisible
GetWindowRect
GetKeyboardType

shell32

SHFileOperationW
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHChangeNotify
SHGetPathFromIDListA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
OleInitialize
OleUninitialize
PropVariantClear
CreateStreamOnHGlobal
CoSetProxyBlanket
CoCreateInstance
CoInitializeEx

advapi32

RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueW
RegCreateKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW

gdi32

RemoveFontResourceA
GetObjectA
GetDeviceCaps
ExtCreateRegion
DeleteObject
DeleteDC
CreateCompatibleDC
BitBlt
AddFontResourceA
TranslateCharsetInfo
SetBkColor
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
GetObjectW
GetTextExtentExPointW
CreateCompatibleBitmap
GetStockObject
CreateFontW
SelectObject

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
InitCommonControlsEx
ord17

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

SHGetValueA
SHStrDupW
SHDeleteKeyW

kernel32

GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
GetVersionExA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
SetCurrentDirectoryA
ResumeThread
RemoveDirectoryA
ReadFile
OpenMutexA
MultiByteToWideChar
MoveFileExA
MoveFileA
LockResource
GetEnvironmentStringsW
DeleteCriticalSection
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
FreeEnvironmentStringsW
WriteConsoleW
SetStdHandle
SetEndOfFile
GetUserDefaultLCID
LoadResource
LoadLibraryExA
LoadLibraryA
GetWindowsDirectoryA
GetTickCount
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetShortPathNameA
GetProcAddress
GetProcessTimes
RemoveDirectoryW
GetOverlappedResult
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
OutputDebugStringW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
lstrlenA
Module32Next
Module32First
VirtualQuery
VirtualFree
GetSystemInfo
SwitchToThread
HeapCreate
DecodePointer
HeapSize
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
DeleteFileA
DosDateTimeToFileTime
EnumCalendarInfoA
EnumSystemLocalesA
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetPrivateProfileStringA

Sections

.babyboo
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.plut
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.scal
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19fc86078531729ee34b15bce6505ddc

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

comctl32

version

shlwapi

kernel32

Sections

.babyboo Size: 16KB - Virtual size: 15KB

.plut Size: 92KB - Virtual size: 91KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 9KB - Virtual size: 340KB

.scal Size: 25KB - Virtual size: 24KB

.rsrc Size: 173KB - Virtual size: 173KB

.babyboo
Size: 16KB - Virtual size: 15KB

.plut
Size: 92KB - Virtual size: 91KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 9KB - Virtual size: 340KB

.scal
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 173KB - Virtual size: 173KB