7462ffb7411973098c4f72b4f6adf992

Sharing

Copy URL Twitter E-mail

General

Target

7462ffb7411973098c4f72b4f6adf992
Size

22KB
MD5

7462ffb7411973098c4f72b4f6adf992
SHA1

75c717e325def0663eb67aaa6307022f3320c66f
SHA256

73e2b2af037a335cc363b016cbb0ad5c49a273e052ff208c7b0fde093c16d70d
SHA512

4648c4b5c8fa64a94da168d7a37498eb980ef7b285b1fa7107f4a8d30333810f2f8c1b1b6210389bcc4dfe03bd035d45c8e61b16b80495397af865e6c608e751
SSDEEP

384:BS5zOWjB6FniD/uc0QQSoSqBKOX5+eibo5pPA57mHmen:U5zJB6FiaZTTf5+eOwA5gm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7462ffb7411973098c4f72b4f6adf992

Files

7462ffb7411973098c4f72b4f6adf992
.exe windows:4 windows x86 arch:x86

4cba443feb16cdbf5947a3a5d04872ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

olecli32

OleLockServer

rpcrt4

MesIncrementalHandleReset
NdrConformantStructBufferSize
CreateStubFromTypeInfo
NDRcopy
CStdStubBuffer_CountRefs
NdrByteCountPointerBufferSize
NDRCContextBinding
MesBufferHandleReset
NDRCContextMarshall
NDRSContextMarshallEx
NdrByteCountPointerUnmarshall
MesDecodeIncrementalHandleCreate
DllGetClassObject
DceErrorInqTextW
NdrClientInitialize
MesHandleFree
MesEncodeFixedBufferHandleCreate
NdrByteCountPointerFree
NDRSContextMarshall
NdrAsyncServerCall
DllRegisterServer
NdrAsyncClientCall
MesInqProcEncodingId
NdrAllocate

user32

SetWindowPos
KillTimer
TranslateMessage
DefWindowProcA
MessageBoxW
GetParent
BeginPaint
PostMessageW
ReleaseDC
SetWindowLongW
PostQuitMessage
SetCursor
EndDialog
UpdateWindow
CharNextA
SendMessageA
DispatchMessageA
CreateWindowExA
EndPaint
SendMessageW
GetWindowRect
GetClientRect
GetSysColor
GetWindowLongA
IsWindow
wsprintfA
wsprintfW
GetDlgItem
SetWindowLongA
GetDC
ShowWindow
EnableWindow
SetFocus
LoadStringA
GetSystemMetrics
InvalidateRect

oleaut32

RegisterTypeLib
GetActiveObject
VariantChangeTypeEx
SafeArrayPutElement
SafeArrayGetUBound
VariantCopy
GetErrorInfo
SysReAllocStringLen
VariantCopyInd
SysFreeString
VariantClear
LoadTypeLibEx
SafeArrayGetElement
LoadTypeLib
SysAllocStringLen
OleLoadPicture
SafeArrayPtrOfIndex
VariantInit
SafeArrayGetLBound
SysStringByteLen
SafeArrayAccessData
SysAllocStringByteLen
SafeArrayCreate
SysStringLen
CreateErrorInfo

shell32

DllUnregisterServer
PickIconDlg
PathQualify
SHDefExtractIconW
Shell_GetImageLists
DriveType
DAD_DragMove
SHChangeNotifyRegister
SHGetSetSettings
PifMgr_OpenProperties
Shell_MergeMenus
RestartDialog
DAD_DragLeave
DllRegisterServer
GetFileNameFromBrowse
DragAcceptFiles
SHChangeNotifyDeregister
DllCanUnloadNow
DAD_DragEnterEx
DllGetClassObject
Shell_GetCachedImageIndex
SHILCreateFromPath
IsLFNDrive
DllGetVersion
IsNetDrive
DllInstall
DragFinish
SHCoCreateInstance
PathResolve

kernel32

GetTempPathA
GetCommandLineW
CopyFileW
IsDBCSLeadByte
IsValidCodePage
SizeofResource
AddAtomW
GetComputerNameW
MulDiv
GetLastError
GetExitCodeProcess
CloseHandle
ExitProcess
CreateFileMappingW
VirtualAlloc
IsBadCodePtr
LockResource
GetCurrentDirectoryW
SetFileAttributesA
LoadLibraryExA
FindNextFileA
lstrcatW
OutputDebugStringW
ResumeThread
LoadResource
FileTimeToLocalFileTime
GetCurrentProcess
CreateDirectoryA
FindResourceA
ExpandEnvironmentStringsA
RemoveDirectoryW
CreateMutexA
CreateProcessW
DeviceIoControl
OpenProcess
RaiseException
GetFullPathNameW
CreateFileMappingA
GetWindowsDirectoryW
VirtualFree
ReleaseSemaphore
WriteConsoleW
SetThreadPriority

advapi32

RegEnumValueW
RegEnumKeyExW
RegDeleteValueA
AllocateAndInitializeSid
RegSetValueExA
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteKeyA
OpenThreadToken
FreeSid
RegQueryValueExA
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExA
GetTokenInformation
CloseServiceHandle
InitializeSecurityDescriptor
OpenProcessToken
RegOpenKeyExA

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4cba443feb16cdbf5947a3a5d04872ed

Headers

File Characteristics

Imports

olecli32

rpcrt4

user32

oleaut32

shell32

kernel32

advapi32

Sections

.textbss Size: - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.debug Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.text Size: 512B - Virtual size: 440B

.rsrc Size: 3KB - Virtual size: 3KB

.idata Size: 12KB - Virtual size: 12KB

.textbss
Size: - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.debug
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 440B

.rsrc
Size: 3KB - Virtual size: 3KB

.idata
Size: 12KB - Virtual size: 12KB