7a89b5469468846b0cee604a1c522a3f

Sharing

Copy URL

Twitter E-mail

General

Target

7a89b5469468846b0cee604a1c522a3f
Size

357KB
MD5

7a89b5469468846b0cee604a1c522a3f
SHA1

9e52eadfdc6c2b4ba4d4e451de17c3fb610c7086
SHA256

ce7f643599d6dc1a0a5a92eef9bdf96d3c8eef17a56ae7a0696238e22e4ceeae
SHA512

3233946fe85a2ac994385984348612c2c08c67466d2f41824abc2fb7908370da6116d1399484a75323e6807de8d6c977710f8f6d74b402cc02e8e75ce2a5e6ec
SSDEEP

6144:l8TqdZu2IpfCTbhbjOr6uukiwzI4QL4WitxA5hpOaA5+qJFL2:l8OZuzQTbhbar5lWitxA5hooGFL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a89b5469468846b0cee604a1c522a3f

Files

7a89b5469468846b0cee604a1c522a3f
.exe windows:4 windows x86 arch:x86

465f9c3f6baff1054e8c9289953f6885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongW
SendIMEMessageExW
MessageBoxW
SystemParametersInfoW
RegisterClassExA
SetSystemCursor
SetWindowPlacement
RegisterClassA
IsCharAlphaNumericA
EnumPropsA
SetWindowWord
SetScrollRange
IsChild
SwitchToThisWindow
EnumDisplaySettingsExW
CharUpperBuffW
GetUserObjectSecurity
ChangeMenuW
GetWindowWord
DefDlgProcW

comctl32

InitCommonControlsEx

kernel32

SetStdHandle
TryEnterCriticalSection
HeapFree
GetProcAddress
GetUserDefaultLCID
GetTimeZoneInformation
GetCommandLineW
GetStartupInfoW
GetFileType
SetEnvironmentVariableA
GetCommandLineA
VirtualFree
EnumCalendarInfoExA
WriteFile
QueryPerformanceCounter
GetModuleFileNameW
GetDateFormatA
GetCPInfo
UnhandledExceptionFilter
LeaveCriticalSection
TlsFree
LCMapStringW
OpenMutexA
WideCharToMultiByte
RtlUnwind
GetEnvironmentStringsW
GetACP
ReadFile
VirtualAlloc
IsValidLocale
CloseHandle
HeapDestroy
CompareStringW
GetVersion
VirtualProtect
ExitProcess
GetModuleFileNameA
CreateMutexA
HeapReAlloc
SetHandleCount
IsValidCodePage
SetFilePointer
FreeEnvironmentStringsA
GetStdHandle
GetCurrentThread
CompareFileTime
VirtualQuery
GetLastError
GetStartupInfoA
GetEnvironmentStrings
EnumSystemLocalesA
InterlockedExchangeAdd
InitializeCriticalSection
SetLastError
EnumResourceTypesA
TlsSetValue
FreeEnvironmentStringsW
GetStringTypeA
DeleteCriticalSection
WritePrivateProfileSectionA
GetTickCount
GetSystemInfo
GetTimeFormatA
LCMapStringA
GetCurrentProcess
TlsAlloc
GetCurrentThreadId
lstrcpy
GetCompressedFileSizeA
MultiByteToWideChar
TerminateProcess
IsBadWritePtr
GetOEMCP
GetCurrentProcessId
TlsGetValue
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
LoadLibraryA
EnterCriticalSection
HeapCreate
GetLocaleInfoW
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteProfileStringA
FlushFileBuffers
CompareStringA
SetConsoleOutputCP
InterlockedExchange
SuspendThread
GetVersionExA

advapi32

CryptDestroyKey
RegQueryMultipleValuesW
InitializeSecurityDescriptor
CryptDuplicateHash
RegQueryInfoKeyW
InitiateSystemShutdownA
RegConnectRegistryA
RegDeleteKeyW
RegCreateKeyExA
CryptGetProvParam
RegOpenKeyExW
GetUserNameW
GetUserNameA

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

465f9c3f6baff1054e8c9289953f6885

Headers

File Characteristics

Imports

user32

comctl32

kernel32

advapi32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 8KB - Virtual size: 21KB

.data Size: 172KB - Virtual size: 172KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 8KB - Virtual size: 21KB

.data
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 13KB - Virtual size: 13KB