7796492c7aceb4bb15118e77a8206949

Sharing

Copy URL

Twitter E-mail

General

Target

7796492c7aceb4bb15118e77a8206949
Size

209KB
MD5

7796492c7aceb4bb15118e77a8206949
SHA1

63b18ae128939abb1c1caa61235ca44b6b5056c1
SHA256

620f41726974edc12d8f549a10f992e773a6dca73d71b5efcb87f3d76ef1114c
SHA512

915b744565570de2a432cfa0a20281b330f500825bd7c1434390bf238ac69c86762f5cb72a31bbb125059dbba76a3d26204dc7f7d2c4666722f112143b825b26
SSDEEP

3072:XXeNQvWQTcEboCY8w3H1kjRLM35gfMzfkK9z3Plre5j2ymmFrHx0GkKZZ5:Hec2Ebj0H0I3qOfkKjru2ymeqGkKZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7796492c7aceb4bb15118e77a8206949

Files

7796492c7aceb4bb15118e77a8206949
.exe windows:4 windows x86 arch:x86

043f0796d538d9b518f2b3f8734a6210

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
SetEvent
SetCurrentDirectoryW
DosDateTimeToFileTime
GlobalGetAtomNameW
GetLastError
GetDateFormatA
GetCurrentDirectoryA
GetFileAttributesW
SetCurrentDirectoryA
DeleteAtom
GetFullPathNameA
SetUnhandledExceptionFilter
GetTimeFormatW
InitializeCriticalSection
SetLastError
GetProcessHeaps
ExitThread
GetEnvironmentStringsW
CreateFileA
EnumTimeFormatsA
GetCurrentDirectoryW
IsValidLocale
lstrcpyA
GetUserDefaultLCID
lstrlen
SetErrorMode
SetThreadPriority
FindAtomW
EnumDateFormatsW
lstrcpyW
GetVolumeInformationA
GetModuleHandleA
CreateMailslotA
GetCommandLineW
GetStartupInfoA
RemoveDirectoryA
GetNumberFormatA
EnumCalendarInfoA
FileTimeToLocalFileTime
GetFileSize
GetProcAddress
lstrcpynW
GetWindowsDirectoryW
SleepEx
GetAtomNameW
lstrcmpiA
GetTempFileNameW
GetDiskFreeSpaceW
ExpandEnvironmentStringsW
CreateEventA
GetSystemDirectoryA
WinExec
DisconnectNamedPipe
lstrcmpA
lstrcatW

user32

GetDC
CopyImage
DialogBoxIndirectParamW
SetWindowPos
DialogBoxParamA
GetCapture
CascadeWindows
EnumChildWindows
GetScrollPos
OffsetRect
SetMenu
GetWindowTextLengthW
LoadMenuW
GetDlgItemTextA
LoadMenuIndirectA
CharUpperA
SetWindowRgn
CreateDialogIndirectParamW
CallWindowProcW
GetClassInfoW
GetWindowTextA
SetDlgItemInt
CharNextA
GetActiveWindow
DefFrameProcW
CharLowerA
InsertMenuW
ShowCursor
BringWindowToTop
MessageBoxIndirectW
RegisterClassW

gdi32

ExtEscape
PlayMetaFile
CreateEllipticRgn
GetCharABCWidthsW
Chord
StartDocA
StartPage
GetPixel
ModifyWorldTransform

advapi32

RegCloseKey
RegOpenKeyW
RegCreateKeyW
RegQueryValueW
RegDeleteKeyW

shlwapi

SHRegWriteUSValueA
StrRetToStrA

comdlg32

PageSetupDlgA
ChooseFontW
GetSaveFileNameW
ReplaceTextA

oleaut32

VarI1FromUI8

opengl32

glRasterPos4iv

wininet

FtpGetFileEx
GetUrlCacheEntryInfoExW
InternetAttemptConnect
FtpOpenFileA
FtpGetCurrentDirectoryA
GopherOpenFileW
InternetQueryOptionW
SetUrlCacheEntryInfoA
GopherGetAttributeA
FtpPutFileW
InternetAlgIdToStringW
FtpOpenFileW
UpdateUrlCacheContentPath
InternetShowSecurityInfoByURLW
InternetSetStatusCallbackW
DeleteUrlCacheEntryA

urlmon

FindMediaType
CoInternetQueryInfo
URLDownloadW
BindAsyncMoniker
GetComponentIDFromCLSSPEC
HlinkGoForward
FaultInIEFeature
IsAsyncMoniker
URLOpenBlockingStreamW
CoInternetGetProtocolFlags
ObtainUserAgentString
WriteHitLogging
RegisterBindStatusCallback
MkParseDisplayNameEx
CreateURLMonikerEx
CopyStgMedium

inetcomm

MimeOleSMimeCapRelease
MimeOleSMimeCapsFull
MimeOleGenerateCID
MimeOleGetInternat
MimeOleSetCompatMode
MimeOleGetExtContentType
HrGetLastOpenFileDirectoryW
HrSaveAttachToFile
MimeOleGetPropertySchema
CreateRangeList
MimeOleSMimeCapsFromDlg
CreateIMAPTransport2
MimeOleGetFileInfoW

sqlunirl

_CallWindowProc@20
_DragQueryFile_@16
_GetICMProfile_@12
_GetFileVersionInfo_@16
_CreateColorSpace_@4

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZzVZAe
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vOQw
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yvH
Size: 5KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kEtEHk
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lYRQVO
Size: 512B - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EsK
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ip
Size: 1KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BWp
Size: 2KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

043f0796d538d9b518f2b3f8734a6210

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

oleaut32

opengl32

wininet

urlmon

inetcomm

sqlunirl

Sections

.text Size: 13KB - Virtual size: 12KB

.c Size: 1024B - Virtual size: 12KB

.ZzVZAe Size: 1024B - Virtual size: 37KB

.vOQw Size: 512B - Virtual size: 21KB

.yvH Size: 5KB - Virtual size: 31KB

.kEtEHk Size: 2KB - Virtual size: 9KB

.lYRQVO Size: 512B - Virtual size: 41KB

.EsK Size: 1024B - Virtual size: 14KB

.data Size: 14KB - Virtual size: 13KB

.Ip Size: 1KB - Virtual size: 22KB

.BWp Size: 2KB - Virtual size: 145KB

.rsrc Size: 165KB - Virtual size: 165KB

.reloc Size: 1024B - Virtual size: 1000B

.text
Size: 13KB - Virtual size: 12KB

.c
Size: 1024B - Virtual size: 12KB

.ZzVZAe
Size: 1024B - Virtual size: 37KB

.vOQw
Size: 512B - Virtual size: 21KB

.yvH
Size: 5KB - Virtual size: 31KB

.kEtEHk
Size: 2KB - Virtual size: 9KB

.lYRQVO
Size: 512B - Virtual size: 41KB

.EsK
Size: 1024B - Virtual size: 14KB

.data
Size: 14KB - Virtual size: 13KB

.Ip
Size: 1KB - Virtual size: 22KB

.BWp
Size: 2KB - Virtual size: 145KB

.rsrc
Size: 165KB - Virtual size: 165KB

.reloc
Size: 1024B - Virtual size: 1000B