7b86a2209a77598c2302aa7cae4cb315

Sharing

Copy URL Twitter E-mail

General

Target

7b86a2209a77598c2302aa7cae4cb315
Size

791KB
MD5

7b86a2209a77598c2302aa7cae4cb315
SHA1

d5f73ea7a5e6f97b6e75c000a15a099ec0f60c34
SHA256

4cb8b494c2dc3cb9ac05547ecd86eb00e203bd7a0407bf471ff3f0aab1728106
SHA512

ecb9887989a663986388585575dc9854999a57bf006bd27fd528d267f322107992ffb92574515eba9eb49fa2b3d6ccbc3fe8e1e666e2ec627ce1894fbc856f82
SSDEEP

12288:pXsSqt1qHhKEBgbSO9CC4Qp20XzvF+z2SPt97fTrdWjIUZaal5+9w/iJWDaZn:pJqt1YhK2gz9X5zdAlfTxISF1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b86a2209a77598c2302aa7cae4cb315

Files

7b86a2209a77598c2302aa7cae4cb315
.exe windows:4 windows x86 arch:x86

c75699acd29758b7d83bee1a160aef2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
RegisterClassA
RegisterClassExA
GetClassInfoExA
SetWindowsHookExA
FindWindowExA
TabbedTextOutW
DdeConnect
LoadStringW

kernel32

GetTimeZoneInformation
EnumSystemLocalesA
FlushFileBuffers
WideCharToMultiByte
GetCurrentThreadId
LCMapStringA
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
HeapValidate
GetProcessHeap
ExitProcess
Sleep
FreeLibrary
GetModuleHandleA
GetACP
GetStringTypeW
IsDebuggerPresent
SetStdHandle
IsValidLocale
IsValidCodePage
LeaveCriticalSection
GetDateFormatA
DeleteCriticalSection
GetStringTypeA
HeapDestroy
CreateMutexA
SetLastError
GetCurrentThread
FreeEnvironmentStringsW
RtlUnwind
SetHandleCount
WriteFile
GetTimeFormatA
SetConsoleCtrlHandler
CreateFileA
WriteConsoleA
GetLastError
VirtualFree
LoadLibraryW
GetSystemTimeAsFileTime
LCMapStringW
GetCommandLineA
GetTickCount
PulseEvent
TlsGetValue
TlsAlloc
GetProcAddress
GetSystemDirectoryW
GetModuleFileNameW
TlsSetValue
HeapSize
GetFileType
lstrlenA
WriteConsoleW
CloseHandle
GetUserDefaultLCID
InterlockedIncrement
CompareStringA
GetCurrentProcess
GetModuleHandleW
LoadLibraryA
DebugBreak
SetUnhandledExceptionFilter
CompareStringW
GetOEMCP
HeapReAlloc
OutputDebugStringW
VirtualQuery
ReadConsoleOutputAttribute
OutputDebugStringA
SetEnvironmentVariableA
GetCommandLineW
CreateMailslotW
UnhandledExceptionFilter
GetStartupInfoA
HeapAlloc
GetConsoleOutputCP
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetStartupInfoW
VirtualAlloc
RaiseException
IsBadReadPtr
ReadFile
GetConsoleMode
GetCurrentProcessId
EnterCriticalSection
TlsFree
VirtualUnlock
HeapCreate
GetEnvironmentStringsW
InterlockedExchange
GetStdHandle
HeapFree
MultiByteToWideChar
SetFilePointer
InterlockedDecrement
GetCPInfo
TerminateProcess
OpenMutexA
GetConsoleCP
GetFileAttributesExW

shell32

CheckEscapesW
SHChangeNotify

comctl32

InitCommonControlsEx

advapi32

CryptHashSessionKey
InitiateSystemShutdownW
CryptSignHashW
CryptSetKeyParam
RegSetKeySecurity
RegRestoreKeyW
LookupAccountNameW
CryptImportKey
LookupSecurityDescriptorPartsW
CryptEnumProviderTypesW
CryptSetProviderExA
RegSetValueExA
RegSetValueW
RegOpenKeyW
RegEnumValueA
LookupAccountNameA
CryptExportKey
CryptReleaseContext
CryptSetProviderExW
CryptHashData
LogonUserW
CryptEnumProvidersW
RegSetValueA
StartServiceW

Sections

.text
Size: 593KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c75699acd29758b7d83bee1a160aef2e

Headers

File Characteristics

Imports

user32

kernel32

shell32

comctl32

advapi32

Sections

.text Size: 593KB - Virtual size: 593KB

.rdata Size: 64KB - Virtual size: 73KB

.data Size: 122KB - Virtual size: 121KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 593KB - Virtual size: 593KB

.rdata
Size: 64KB - Virtual size: 73KB

.data
Size: 122KB - Virtual size: 121KB

.rsrc
Size: 11KB - Virtual size: 10KB