7b8d56e31eeb740171d914b1665d54f5

Sharing

Copy URL

Twitter E-mail

General

Target

7b8d56e31eeb740171d914b1665d54f5
Size

756KB
MD5

7b8d56e31eeb740171d914b1665d54f5
SHA1

7a2e7e8b3f84ca992f27df4fd63f40c7dd26e810
SHA256

afa6cd8f90a77eff6ceea680b28744c05dc3ff3fa97c26dbef103dcb89ba558a
SHA512

9008806fdd3b4854dfb279c41be6572a424077b64ed574653701da8b7c1cd856bb4f4abf4d69b47ace6cd2cf3ce68c745ad93bc0c02a433b348bc89485ef953d
SSDEEP

12288:hshvDB0WLMstn5/9/UJk56+zeyrwWaVo2KxkzcaiMUy7lpVWbSmf/coKjoilRKjX:hsJDB++n5/e656BhnmyUy7lWbSG/LkoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b8d56e31eeb740171d914b1665d54f5

Files

7b8d56e31eeb740171d914b1665d54f5
.dll windows:5 windows x86 arch:x86

2ce2ddf8ce0b058b2f55c7e4cb16a1de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

R:\ujrMvmlzw\cTcuFnwYguxzG\ygkojaecd\IjZwjxqR.pdb

Imports

comdlg32

PrintDlgW
GetOpenFileNameW
GetSaveFileNameA

shlwapi

StrToIntExA
StrCatBuffA

msvcrt

_controlfp
__set_app_type
wcscspn
__p__fmode
__p__commode
_amsg_exit
swscanf
_initterm
fseek
towlower
_acmdln
exit
_ismbblead
_XcptFilter
_exit
strcoll
iswxdigit
strtol
strstr
_cexit
__setusermatherr
putchar
__getmainargs
puts
gmtime
strncmp

kernel32

GetModuleHandleA
DeleteAtom
SuspendThread
WaitCommEvent
FreeResource
LocalFree
LoadResource
IsBadReadPtr
lstrlenA
GetFileAttributesExW
LocalReAlloc
GetModuleFileNameW
IsValidLanguageGroup
GetCommProperties
FindFirstFileW
GetPriorityClass
FindNextFileW
lstrcmpA
LoadLibraryW
FindNextFileA
ConvertDefaultLocale
FindNextChangeNotification

gdi32

TextOutA
EnumFontsW
AddFontResourceW
CreateFontW
SetPaletteEntries
GetRgnBox
BeginPath
PatBlt
GetTextExtentPointW
GetCharWidth32W
ExcludeClipRect
RoundRect
FillRgn
CreatePenIndirect
CreateBrushIndirect
GetFontData
SetViewportOrgEx
DeleteDC
CreatePolygonRgn

user32

GetKeyboardLayout
ShowScrollBar
ShowWindowAsync
DestroyWindow
CreateMenu
GetNextDlgGroupItem
DrawFrameControl
SetCaretPos
TrackPopupMenu
GetWindowTextLengthW
GetMenuItemInfoW
SetWindowLongW
OemToCharBuffA
GetTopWindow
GrayStringW
GetFocus
GetMenu
CharPrevW
CharNextA
mouse_event
AllowSetForegroundWindow
FindWindowExA
GetShellWindow
MoveWindow
GetDlgCtrlID
IsCharAlphaNumericW
GetMenuCheckMarkDimensions
GetCursorPos
OpenDesktopW
SetCursor
DefWindowProcA
FindWindowA
EnableWindow
CopyAcceleratorTableW
MonitorFromRect
DrawTextW
GetKeyboardLayoutNameW
GetMessagePos
SetTimer
OemToCharA
DestroyIcon
ShowWindow
GetUserObjectInformationA
IsCharLowerA

Exports

Exports

?LoadAppNameA@@YGEKPAHF~U
showtitle
?LoadListOriginal@@YGIHPAMK_N~U
?CopyVersionNew@@YGIJPA_NPAM~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kip
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 447B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 725KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ce2ddf8ce0b058b2f55c7e4cb16a1de

Headers

File Characteristics

PDB Paths

Imports

comdlg32

shlwapi

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.kip Size: 1024B - Virtual size: 520B

.ticy Size: 512B - Virtual size: 447B

.ticx Size: 3KB - Virtual size: 2KB

.zdata Size: 512B - Virtual size: 264B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 1.3MB

.rsrc Size: 725KB - Virtual size: 724KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.kip
Size: 1024B - Virtual size: 520B

.ticy
Size: 512B - Virtual size: 447B

.ticx
Size: 3KB - Virtual size: 2KB

.zdata
Size: 512B - Virtual size: 264B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 1.3MB

.rsrc
Size: 725KB - Virtual size: 724KB

.reloc
Size: 2KB - Virtual size: 1KB