7549f2a20d8e71810156532ec302fd38

Sharing

Copy URL Twitter E-mail

General

Target

7549f2a20d8e71810156532ec302fd38
Size

144KB
MD5

7549f2a20d8e71810156532ec302fd38
SHA1

9373fbfc30201f6dff7a87452f8e4e6ef8f5aa12
SHA256

ab6edeaf67fe598963b63c67d7859b2dee516e0de4a4cd380c59cff0dd92c27b
SHA512

d0e38c3c0ae12f4eba627353426e06e1e7f69fd0553acb73e9a4ab473295893efabc1ae4fd8e66d4037c8050d7967239e1e7fdc0b24a313326700ef958fa6eac
SSDEEP

3072:QMgvHiP8W0QWIJIwHMYSQvMptbLMJZLiseXN+vOEVElhIjuDxgszJ6YMp1XVcwY9:QMEikJSsYnuKZenEalG+f9WDXVhxq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7549f2a20d8e71810156532ec302fd38

Files

7549f2a20d8e71810156532ec302fd38
.exe windows:5 windows x86 arch:x86

b565bcfb9b1f0df94412230aa77d7d07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
RegQueryInfoKeyA
RegCloseKey
OpenProcessToken
RegOpenKeyExA
AdjustTokenPrivileges
RegSetValueExA
GetTokenInformation
RegCreateKeyExA
RegQueryValueExA
EqualSid
RegDeleteValueA

kernel32

LocalFree
SetFileAttributesA
CreateEventA
VirtualQuery
IsDBCSLeadByte
GetVolumeInformationA
MoveFileA
_lclose
LockResource
lstrcmpiA
GetCurrentThreadId
GetModuleFileNameA
IsDebuggerPresent
GetVersionExA
GetCurrentProcessId
FindResourceA
SetEvent
GetExitCodeProcess
LoadLibraryExA
GetShortPathNameA
FreeLibrary
RemoveDirectoryA
TerminateThread
TerminateProcess
SetUnhandledExceptionFilter
LockFileEx
lstrcpyA
FindClose
GetDriveTypeA
GetCurrentThreadId
_lopen
ResetEvent
GetSystemDirectoryA
CreateProcessA
lstrcatA
lstrcpynA
GetStartupInfoA
SetFilePointer
GlobalLock
GetTickCount
ExitProcess
FormatMessageA
FindFirstFileA
FreeResource
CreateThread
GetLastError
GetCurrentProcess
CreateFileA
GlobalAlloc
CloseHandle
SizeofResource
GetModuleHandleA
GetTempFileNameA
FindNextFileA
WriteFile
GetTempPathA
CreateDirectoryA
GlobalUnlock
LoadResource
GetFileAttributesA
SetFileTime
lstrcmpA
DeleteFileA
SetCurrentDirectoryA
_llseek
LocalAlloc
UnhandledExceptionFilter
GlobalFree
GetCommandLineA
GetProcAddress
MulDiv
GetCurrentDirectoryA
lstrlenA
CreateMutexA
GetSystemInfo
ReadFile
GetWindowsDirectoryA
GetDiskFreeSpaceA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

GetDeviceCaps

user32

EnableWindow
PeekMessageA
CallWindowProcA
LoadStringA
ShowWindow
GetDlgItemTextA
GetDesktopWindow
SendMessageA
GetDlgItem
ExitWindowsEx
DispatchMessageA
EndDialog
CharUpperA
wsprintfA
SetWindowTextA
MessageBoxA
SetWindowPos
SetWindowLongA
GetWindowRect
CharPrevA
GetWindowLongA
CharNextA
MessageBeep
SetDlgItemTextA
GetSystemMetrics

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.keqg
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b565bcfb9b1f0df94412230aa77d7d07

Headers

File Characteristics

Imports

advapi32

kernel32

version

gdi32

user32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 6KB - Virtual size: 9KB

.keqg Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 155KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 6KB - Virtual size: 9KB

.keqg
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 155KB