7261b977fb63be26c7edd434c96834e4

Sharing

Copy URL Twitter E-mail

General

Target

7261b977fb63be26c7edd434c96834e4
Size

82KB
MD5

7261b977fb63be26c7edd434c96834e4
SHA1

3614a8dd68ec1db3dbf14eafd59160607dfe439b
SHA256

60a7bdc0f98d46449befb62f8b1c46ba104531a59631966a9c6bfecf8eec82c3
SHA512

ea014f7e92b5d112813a6711057ff551a5709b6a41a82c02ec24a0a7ee2e0ed75731fde91123d68ce33a6f4d275d5b8019f3c3a73934fa3786c702e472d8029d
SSDEEP

1536:27p8+PrPHYauBop61nV+d3Hnt5D+wpIo70qu43dmuc8/:w8+jPYauB06JM3HLbpIo043gu3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7261b977fb63be26c7edd434c96834e4

Files

7261b977fb63be26c7edd434c96834e4
.exe windows:4 windows x86 arch:x86

2b1455a8d180184397bf9e5d87029386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

EqualRect
PostQuitMessage
EnumWindows
EnableMenuItem
SetWindowPos
FrameRect
GetSubMenu
GetScrollPos
GetSysColor
GetMessageA
GetSysColorBrush
SetWindowTextA
UnhookWindowsHookEx

kernel32

GetFileAttributesA
GetThreadLocale
ExitProcess
GetACP
VirtualAllocEx
GetTempPathA
RtlUnwind
GetSystemTime
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStartupInfoA
GetTimeZoneInformation
FileTimeToSystemTime
InterlockedExchange

gdi32

DPtoLP
SelectClipPath
CreateCompatibleBitmap
FillRgn
ExcludeClipRect
CreateICW
SetViewportExtEx
CopyEnhMetaFileA
GetMapMode

ole32

StringFromGUID2
CoCreateInstance
CoInitialize
CoRevokeClassObject
CoInitializeSecurity
CoTaskMemRealloc
StgOpenStorage
OleRun
DoDragDrop

advapi32

CheckTokenMembership
GetSecurityDescriptorDacl
CryptHashData
RegQueryValueExW
RegCreateKeyExW
QueryServiceStatus
FreeSid
RegCreateKeyA
GetUserNameA
AdjustTokenPrivileges

msvcrt

fprintf
_fdopen
puts
_mbscmp
__initenv
_lock
strncpy
iswspace
signal
_strdup
strlen
__getmainargs
__setusermatherr
raise
strcspn
fflush
_flsbuf
_CIpow

comctl32

ImageList_GetIcon
ImageList_LoadImageA
ImageList_GetBkColor
InitCommonControls
CreatePropertySheetPageA
ImageList_Destroy
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Write
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_GetIconSize

shell32

DragQueryFileA
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteEx
CommandLineToArgvW
ExtractIconExW
ShellExecuteW
ExtractIconW
DoEnvironmentSubstW
DragQueryFileW
SHGetPathFromIDList

oleaut32

VariantCopy
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayRedim

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zgpbcap
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rnlhwnt
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b1455a8d180184397bf9e5d87029386

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 41KB - Virtual size: 40KB

.rsrc Size: 7KB - Virtual size: 34KB

zgpbcap Size: - Virtual size: 32KB

rnlhwnt Size: - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 7KB - Virtual size: 34KB

zgpbcap
Size: - Virtual size: 32KB

rnlhwnt
Size: - Virtual size: 4KB