7131a1a6f0d58609177fe0e9dc0dcba9

Sharing

Copy URL Twitter E-mail

General

Target

7131a1a6f0d58609177fe0e9dc0dcba9
Size

602KB
MD5

7131a1a6f0d58609177fe0e9dc0dcba9
SHA1

96f690c42695970923a1928de31b0df99d8b4890
SHA256

e2a7c1b53e1b005104473b0b4490daf74c7125443d81b79f5dec8a0e64d5ed7c
SHA512

3f749f143f2d610975de06ab5d281e0e2ac9066426066760e51f9d6bdd6c7d91e08b96e98a81a1423fe20124b956651b74d276f111d660dcead860eb8d726457
SSDEEP

12288:lXl3DgTZOcnf5kGVrrYqQ0fHG0nBRDKoRU5hzM6SHOjr/DcYgSVA:lXlTgTZOc5kGVfv7f3BRDKoy5h1/D7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7131a1a6f0d58609177fe0e9dc0dcba9

Files

7131a1a6f0d58609177fe0e9dc0dcba9
.exe windows:4 windows x86 arch:x86

972f17d2a5e2219b45408899693d3603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetCurrentProcess
TlsAlloc
SetCriticalSectionSpinCount
GetSystemTimeAsFileTime
GetSystemInfo
GetOEMCP
GetModuleHandleA
GetTimeFormatA
DeleteCriticalSection
DeleteFiber
CompareStringW
OpenMutexA
TerminateProcess
EnumCalendarInfoW
CreateMutexA
GlobalHandle
SetFileAttributesW
GetModuleFileNameA
ResumeThread
FreeEnvironmentStringsA
GetProcAddress
GetFileType
GetTimeZoneInformation
FoldStringA
GetEnvironmentStrings
FlushFileBuffers
SetEnvironmentVariableA
HeapSize
VirtualAlloc
LCMapStringW
FillConsoleOutputCharacterW
WideCharToMultiByte
SystemTimeToFileTime
GetFullPathNameA
GetACP
GetEnvironmentStringsW
SetEndOfFile
SetVolumeLabelW
FileTimeToDosDateTime
GetDateFormatW
WriteFile
HeapAlloc
EnumResourceNamesW
SleepEx
HeapFree
FreeLibrary
GetNamedPipeInfo
FindResourceExA
GetFileAttributesExW
ReadConsoleInputA
HeapCreate
CreatePipe
GetTickCount
FormatMessageW
HeapDestroy
OpenMutexW
IsValidCodePage
UnhandledExceptionFilter
GetDateFormatA
EnterCriticalSection
GetCurrentThreadId
GetUserDefaultLCID
IsBadWritePtr
InitializeCriticalSection
WriteFileEx
TlsGetValue
CreateMailslotW
GetSystemDirectoryW
InterlockedDecrement
CloseHandle
EnumSystemLocalesA
LoadLibraryA
IsValidLocale
VirtualFree
RtlUnwind
SetFilePointer
TlsSetValue
InterlockedExchange
FreeResource
GetLastError
TlsFree
LeaveCriticalSection
SetCurrentDirectoryW
DebugBreak
WaitForSingleObjectEx
UnlockFileEx
SetLastError
MultiByteToWideChar
GetCPInfo
GetLocaleInfoA
OpenEventA
GetLocaleInfoW
GetVersionExA
SetStdHandle
LocalSize
VirtualProtect
SetConsoleCursorInfo
GetCommandLineA
SetHandleCount
TryEnterCriticalSection
ReadFile
GetStringTypeA
QueryPerformanceCounter
CreateFileMappingW
ExitProcess
WaitForMultipleObjects
FreeEnvironmentStringsW
FindNextFileW
GetStdHandle
GetPrivateProfileIntW
VirtualQuery
WriteConsoleW
GetCalendarInfoW
GetStartupInfoA
CompareStringA
GetCurrentProcessId
GetCurrentThread
UnlockFile
FindAtomA
LCMapStringA
HeapReAlloc
OpenProcess

comctl32

ImageList_GetImageRect
ImageList_DrawIndirect
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_SetDragCursorImage
ImageList_EndDrag

shell32

RealShellExecuteExA
ExtractAssociatedIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHFileOperation

comdlg32

PageSetupDlgW
GetSaveFileNameW
ChooseColorW

user32

GetSysColorBrush
GetUserObjectInformationW
SetWindowsHookA
ModifyMenuA
DrawFrame
SetCapture
RegisterClassA
DlgDirListW
CheckMenuItem
ChangeDisplaySettingsExW
BroadcastSystemMessageW
DrawCaption
CreateDialogParamA
ToAscii
ChildWindowFromPoint
MonitorFromRect
ChangeDisplaySettingsW
PostThreadMessageW
WINNLSEnableIME
CharUpperA
MapVirtualKeyA
LoadKeyboardLayoutA
RegisterClassExA
SetWindowTextA
EnumDisplayMonitors
IsCharLowerW
GetNextDlgGroupItem
DrawIconEx
RemovePropW
LoadImageW
CharLowerA

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

972f17d2a5e2219b45408899693d3603

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

comdlg32

user32

Sections

.text Size: 209KB - Virtual size: 208KB

.rdata Size: 262KB - Virtual size: 261KB

.data Size: 110KB - Virtual size: 121KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 209KB - Virtual size: 208KB

.rdata
Size: 262KB - Virtual size: 261KB

.data
Size: 110KB - Virtual size: 121KB

.rsrc
Size: 20KB - Virtual size: 20KB