7367c92fdf904b2c2fa1554a85da327b

Sharing

Copy URL Twitter E-mail

General

Target

7367c92fdf904b2c2fa1554a85da327b
Size

233KB
MD5

7367c92fdf904b2c2fa1554a85da327b
SHA1

5baa3daa9e2861250c5a3300a015e836634b212b
SHA256

8f7ac6339b90229decffc1816ca2648fb1a090b15467679cf057a95a72a37608
SHA512

190ec1aa1be0e990989123666b25e948c241581c4cdf14e1fc99aa1ee527de52e45798d5a2a35c57dc0589147309bb441181334e563957b4fcef5b1c3637a657
SSDEEP

6144:/Ohg8mPHy29F38y02TnRWn9wTLXLOVqAbvOxiwrzJ6sdzEg:/Wg8mPSG8h2TRWUCEAbvgii6sJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7367c92fdf904b2c2fa1554a85da327b

Files

7367c92fdf904b2c2fa1554a85da327b
.exe windows:4 windows x86 arch:x86

1b36c45e7faae520d4d28ccbee38f263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
UnhandledExceptionFilter
EnumSystemLocalesA
DeleteCriticalSection
SetHandleCount
GetCPInfo
HeapAlloc
LoadLibraryA
GetEnvironmentStringsW
IsBadWritePtr
EnterCriticalSection
EnumResourceLanguagesA
GetACP
GetStdHandle
InterlockedExchange
GetTickCount
GetOEMCP
TlsFree
TlsGetValue
FreeEnvironmentStringsA
InitializeCriticalSection
HeapCreate
TlsSetValue
HeapDestroy
SetFileTime
WriteFile
LeaveCriticalSection
TlsAlloc
GetProcAddress
GetCurrentThread
SetLastError
HeapFree
WriteConsoleOutputCharacterA
GetVersion
WriteProfileStringA
GetStringTypeW
VirtualQuery
GetFileType
LCMapStringW
GetSystemTimeAsFileTime
GetStartupInfoA
GetCurrentProcessId
GetEnvironmentStrings
MultiByteToWideChar
HeapReAlloc
WideCharToMultiByte
ExitProcess
GetCommandLineA
FreeEnvironmentStringsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeA
GetModuleHandleA
LCMapStringA
GetModuleFileNameA
lstrcmpiA
GetCurrentThreadId
RtlUnwind
VirtualFree

gdi32

LineTo
DeviceCapabilitiesExW
GetTextFaceA
IntersectClipRect
MoveToEx
GetMapMode
GetTextExtentPointA
GetTextExtentPointW
CloseFigure
CopyEnhMetaFileW
Polygon
GetICMProfileA
PolyPolygon
CopyMetaFileA
GdiGetBatchLimit
PolyBezierTo
GetGlyphOutlineW
CreateColorSpaceW
CreateFontIndirectA
GetEnhMetaFileW
gdiPlaySpoolStream
EnumMetaFile

advapi32

LookupPrivilegeValueA
CryptDestroyKey
RegQueryValueW
RegCreateKeyA
RegEnumValueW
LookupSecurityDescriptorPartsW
LogonUserA
CryptDestroyHash
RegSetValueExA
StartServiceA
RevertToSelf
CryptDecrypt
DuplicateToken
CryptSetProviderExW
CryptCreateHash
RegReplaceKeyW
RegQueryInfoKeyW

comdlg32

PageSetupDlgA
ReplaceTextA
LoadAlterBitmap
GetSaveFileNameA
FindTextA
GetOpenFileNameA

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b36c45e7faae520d4d28ccbee38f263

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

comdlg32

Sections

.text Size: 95KB - Virtual size: 94KB

.data Size: 131KB - Virtual size: 142KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 95KB - Virtual size: 94KB

.data
Size: 131KB - Virtual size: 142KB

.rsrc
Size: 5KB - Virtual size: 5KB