7520afe6986d94353888f33e315cc497

Sharing

Copy URL

Twitter E-mail

General

Target

7520afe6986d94353888f33e315cc497
Size

859KB
MD5

7520afe6986d94353888f33e315cc497
SHA1

53ad05c13e723138d6c9f4504df44f2c713dacbf
SHA256

69d679932d4e6e3ac60c70e7255f1a716d589c036b9d89fd649313806b3cdd5e
SHA512

d515649b9167537e9420566ba0303c33521a66202d3ce25a41810a3746ae95386c18f1dd52e256194826f727b9721be5609b7474d60eb9e85dfb5ef2f6b5470b
SSDEEP

12288:vVONXWALeaxJCdRCsp8srcqgiY7kLExBus21XR1qmGemsdOJM2DOkswyneKK9:INXWSeddRbKCy7kLaA1X/ksYu2DDnJ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7520afe6986d94353888f33e315cc497

Files

7520afe6986d94353888f33e315cc497
.exe windows:5 windows x86 arch:x86

5bb84dbee290e8b5bc6d9e3ca620c9f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

qsort
_popen
_strncnt
wcstod
_wcsset
_pwctype_dll
_strdec
wcscspn
_rmdir
tmpnam
_setsystime
feof
_ismbbpunct
strftime
fwrite
strcoll
_mbscat
_winmajor_dll
_beep
tan
_matherr
_copysign
wcsncat
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
wcsftime
_baseminor_dll
_fileno
__iscsymf
fscanf
sin
strncpy
_c_exit
??3@YAXPAX@Z
_locking
wcsrchr
mblen
isleadbyte
swprintf
_execl
_errno
_wcsrev
_ismbcprint
_dup
time
strtod
strrchr
_mbspbrk
_mbsrchr
_ismbbtrail
_aexit_rtn_dll
_logb
putchar
ispunct
_mbsspn
strstr
memcmp
_strinc
__pxcptinfoptrs
_spawnvp
_mbsinc
ldiv
free
__iscsym
sprintf
_fgetchar
_rmtmp
_ismbbprint
_cexit
wcsncpy
fprintf

user32

CopyIcon
IMPGetIMEW
ChangeClipboardChain
GetGuiResources
SetDlgItemTextW
LoadRemoteFonts
WINNLSGetEnableStatus
GetWindowRgn
SetInternalWindowPos
DialogBoxParamW
PrivateExtractIconsA
wvsprintfA
DeviceEventWorker
CharToOemBuffW
IMPQueryIMEW
IsCharLowerW
SetRect
PaintMenuBar
MapVirtualKeyA
OemToCharBuffA
RegisterUserApiHook
EnumDesktopWindows
TileChildWindows
ScrollDC
SendMessageCallbackA
CreateCursor

oleaut32

VarDecFromI2
VarTokenizeFormatString
OleTranslateColor
VarUI8FromBool
VarBstrFromI4
VarR4FromUI2
CreateDispTypeInfo
VarR4FromUI4
CreateStdDispatch
VarCyFix
VarUI1FromR4
CreateErrorInfo
OleLoadPictureEx
OleLoadPicturePath
VarUI2FromUI1
SafeArrayPutElement
LPSAFEARRAY_Unmarshal
VarUI1FromI4
GetActiveObject
VarBoolFromCy
SafeArrayDestroy
VarMonthName
VarI2FromUI2
SafeArrayUnlock
LoadTypeLib
VarUI1FromStr
VarUI4FromI1
VarCyAbs
VariantChangeType
VarUI8FromDec
VARIANT_UserMarshal

iyuv_32

DriverDialogProc
DllMain
AboutDialogProc
DriverProc

kernel32

GetProcessAffinityMask
BeginUpdateResourceA
GetCommModemStatus
GetConsoleSelectionInfo
SetProcessWorkingSetSize
GetLocaleInfoW
GetFirmwareEnvironmentVariableA
GetConsoleScreenBufferInfo
SetConsoleDisplayMode
_lcreat
FindVolumeMountPointClose
UTUnRegister
HeapAlloc
GlobalLock
AttachConsole
GetLastError
LocalReAlloc
FlushInstructionCache
HeapDestroy
VirtualFreeEx
lstrcatA
SetVolumeLabelA
SetThreadExecutionState
WaitForSingleObject
WriteConsoleOutputA
GlobalFindAtomA
LoadLibraryA
IsSystemResumeAutomatic
lstrcpynA
GetConsoleFontInfo
FindClose
GlobalUnWire
DebugBreak
GetNumaHighestNodeNumber
GetFileInformationByHandle
RegisterWaitForSingleObjectEx
GetEnvironmentVariableA
DeleteFiber
VirtualAlloc
SetConsoleTextAttribute
ZombifyActCtx
GetNamedPipeHandleStateW
WaitNamedPipeA
GetCommandLineW
SwitchToThread
GetConsoleAliasesLengthA

msorcl32

SQLDescribeCol
LoadByOrdinal
SQLSetScrollOptions
SQLColumns
SQLPrimaryKeys
SQLGetConnectOption
SQLNumResultCols
SQLError
SQLPrepare
SQLExecDirect
SQLAllocConnect
SQLGetData
SQLBindParameter
SQLDisconnect
SQLSetConnectOption
SQLCancel
SQLBindCol
SQLParamData
SQLAllocEnv
SQLBrowseConnect
SQLTables
SQLFetch
SQLExtendedFetch
SQLProcedures
SQLConnect
SQLSetStmtOption
SQLAllocStmt
SQLStatistics
SQLFreeStmt
SQLSetPos
SQLDescribeParam
SQLMoreResults
SQLFreeEnv
SQLPutData
SQLForeignKeys
SQLNumParams

Sections

.text
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bb84dbee290e8b5bc6d9e3ca620c9f6

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

user32

oleaut32

iyuv_32

kernel32

msorcl32

Sections

.text Size: 364KB - Virtual size: 364KB

.rdata Size: 211KB - Virtual size: 211KB

.data Size: 280KB - Virtual size: 1.7MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 364KB - Virtual size: 364KB

.rdata
Size: 211KB - Virtual size: 211KB

.data
Size: 280KB - Virtual size: 1.7MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B