7860eeaa29b8dba8fa720b5dd57f660a

Sharing

Copy URL Twitter E-mail

General

Target

7860eeaa29b8dba8fa720b5dd57f660a
Size

377KB
MD5

7860eeaa29b8dba8fa720b5dd57f660a
SHA1

60329cb013c40afe605e63917cef661000c878d2
SHA256

97f55cf7fb00a18d7a195f7b155c52eaef22283d6eeb53e3d6fa4eb15c3706f8
SHA512

e70057e7eb0daa7da7d8ce968dce3e61606ed8dd45eb0cef8032166ee3ab0297c95167bd04ea05283b08d37f772fdca38bdd648ecca88a9f0f689e203e43308d
SSDEEP

6144:a+X6EcY2mPw+MHOHuc2egPvIBJf7nnhu4Vf5uezdO0yssr9hb+RygMUXwA7mdiwZ:a+X6RYJUPvITPV20tsRhb+R1wA7e52j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7860eeaa29b8dba8fa720b5dd57f660a

Files

7860eeaa29b8dba8fa720b5dd57f660a
.exe windows:4 windows x86 arch:x86

b5f6cdb883dc6546fca6d0f3cd8d1b2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LogonUserA
CryptSignHashA
CreateServiceW
CryptCreateHash
RegRestoreKeyA
RevertToSelf
CryptDuplicateHash
LookupPrivilegeDisplayNameA
CryptContextAddRef
RegCreateKeyExW
CryptAcquireContextA
InitiateSystemShutdownA
RegRestoreKeyW
RegQueryValueExW
RegDeleteValueA
CryptExportKey
CryptGetProvParam
RegQueryValueExA
CryptDeriveKey
DuplicateToken
CryptSetProvParam
RegQueryValueW

comdlg32

GetSaveFileNameW
ReplaceTextA
PageSetupDlgW
FindTextA

kernel32

SetLastError
GetTempPathW
GetCurrentProcess
ReadFile
HeapFree
GetCurrentThreadId
GetCPInfo
InitializeCriticalSection
TlsAlloc
LeaveCriticalSection
GetStringTypeA
EnumSystemLocalesA
GetCurrentProcessId
EnterCriticalSection
CreateMutexA
HeapSize
DeleteCriticalSection
InterlockedExchange
TlsSetValue
GetStringTypeW
GetACP
TlsFree
MultiByteToWideChar
GetLastError
GetTempPathA
HeapCreate
LoadLibraryA
VirtualAlloc
GetEnvironmentStrings
GetSystemInfo
SetHandleCount
GetSystemTimeAsFileTime
RtlUnwind
WriteConsoleOutputW
GetAtomNameA
GetModuleFileNameA
GetVersionExA
CompareStringW
LCMapStringA
SetStdHandle
GetDateFormatA
FreeEnvironmentStringsW
GetLocaleInfoW
GetEnvironmentStringsW
GetModuleHandleA
SetEnvironmentVariableA
GetProcAddress
TlsGetValue
IsBadWritePtr
GetCurrentThread
IsValidCodePage
OpenMutexA
GetOEMCP
GetFileType
GetTickCount
IsValidLocale
VirtualQuery
CloseHandle
GetUserDefaultLCID
HeapAlloc
FreeEnvironmentStringsA
GetStdHandle
HeapReAlloc
GetLocaleInfoA
SetFilePointer
CompareStringA
QueryPerformanceCounter
HeapDestroy
FlushFileBuffers
VirtualProtect
UnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringW
WriteFile
VirtualFree
WideCharToMultiByte
ExitProcess
GetTimeFormatA
GetStartupInfoA
OpenMutexW
ReadConsoleOutputW
GetProfileStringW
GetCommandLineA
TerminateProcess

shell32

ShellExecuteW
ExtractAssociatedIconExA
SHGetPathFromIDListW
ShellExecuteExA

comctl32

InitCommonControlsEx

gdi32

GetTextAlign

user32

GetWindowRgn
RegisterClassExA
SetWindowContextHelpId
ScreenToClient
GetSubMenu
DdeAccessData
CloseWindowStation
IsCharLowerW
GetClipboardSequenceNumber
UnregisterDeviceNotification
IsChild
CreateDesktopA
SetRect
MessageBoxIndirectW
DdeQueryStringW
SetForegroundWindow
GetMenuStringW
OemKeyScan
GetClassNameW
GetKeyNameTextW
RegisterClassA
EndMenu
CloseClipboard
ScrollWindow
CreateIconFromResource
SetRectEmpty

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5f6cdb883dc6546fca6d0f3cd8d1b2a

Headers

File Characteristics

Imports

advapi32

comdlg32

kernel32

shell32

comctl32

gdi32

user32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 176KB - Virtual size: 176KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 176KB - Virtual size: 176KB

.rsrc
Size: 6KB - Virtual size: 6KB