7b9af66d416ec34e96b6ac31761cfd4a

Sharing

Copy URL Twitter E-mail

General

Target

7b9af66d416ec34e96b6ac31761cfd4a
Size

248KB
MD5

7b9af66d416ec34e96b6ac31761cfd4a
SHA1

8b9c5b45bdee53ba5669df492e6a6f70fa518612
SHA256

5b504ea94b1f53c08c206c341dbb9af4220a16f2574d063c3ca00d3eabb18598
SHA512

412980f022373a6a73194c6c5aac1ab56af547a627031fe1d81f8be7cc07e8e77ac792985baa83c27edd201799cf59a439a8b5db90572a370dfb4ba7b1310496
SSDEEP

6144:0b0OQoGpeyKlHhfcZq7tPwZMYcjYlSaPZDWKzWXTool:0oO93b+FlSHKajoM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b9af66d416ec34e96b6ac31761cfd4a

Files

7b9af66d416ec34e96b6ac31761cfd4a
.dll windows:4 windows x86 arch:x86

a4b8f54af257ccccc4e0ac9edf8f4286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__wgetmainargs
_XcptFilter
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_c_exit
wcstod
wcscoll
wcscmp
setlocale
memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit

user32

GetMonitorInfoW
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetDC
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
WinHelpW
UpdateWindow
SetRect
SetFocus
SetCursor
CallNextHookEx

kernel32

lstrlenW
lstrcmpW
TerminateProcess
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
AddAtomW
CreateEventW
CreateFileW
DeleteAtom
ExitProcess
GetCommandLineA
GetCurrentThreadId
GetDateFormatW
GetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GlobalFree
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MulDiv

ole32

CLSIDFromString
CreateILockBytesOnHGlobal
StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
IsEqualGUID

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

gdi32

TextOutW
SetTextColor
SetDCBrushColor
SetBkMode
SelectObject
ScaleWindowExtEx
Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC

shell32

SHGetSettings
ShellExecuteExW
ShellAboutW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish

shlwapi

PathFindFileNameW

Exports

Exports

EnumExposureCompReset
FreeArray
Memcpy2DFromArray
ThreadSynchronize

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4b8f54af257ccccc4e0ac9edf8f4286

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

ole32

comdlg32

advapi32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB