7a6fc15b801a8dcbe80baca5a23c17b6

Sharing

Copy URL Twitter E-mail

General

Target

7a6fc15b801a8dcbe80baca5a23c17b6
Size

343KB
MD5

7a6fc15b801a8dcbe80baca5a23c17b6
SHA1

668237f39f266b7fee6a2ac5cba7606529a063af
SHA256

52d94ec5af1ed575ee27bdfdfe01b9127c3b833a2de79432dd6afb38dafb103c
SHA512

86a045d2e8191a57688f4e07f537227f0ef802dec8311b583bbf8e31a649e8617df3c72645681676b1558e80aa1980b4eceee86505d8c68a8ab7c89978307798
SSDEEP

6144:+Uka508RJ6lyD5Nj/ZTm8iTAy1PRNFNh9U05WV/uAk03AwddIaeuq:+RavJgG5NjpWLJN9UQWFDpte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a6fc15b801a8dcbe80baca5a23c17b6

Files

7a6fc15b801a8dcbe80baca5a23c17b6
.exe windows:5 windows x86 arch:x86

4b9e5276cc5a495f7de5bc85d5a31244

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegFlushKey
StartServiceA
RegQueryInfoKeyA
RegSetValueExA
ControlService
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
OpenServiceA
RegCreateKeyExA
ImpersonateSelf
RegDeleteValueA
RegEnumKeyExA
RegQueryValueExA
DeleteService
RegEnumValueA
CloseServiceHandle
QueryServiceStatus
RevertToSelf

ole32

CoInitialize
CoCreateInstance
CoUninitialize

setupapi

SetupInstallServicesFromInfSectionA
SetupInstallFromInfSectionA
SetupOpenInfFileA

user32

CharUpperW
CharUpperA
CharToOemA
LoadStringA
CharLowerW
FindWindowA
RegisterWindowMessageA
PostMessageA
FindWindowExA
GetSystemMetrics
MessageBoxA
UnregisterClassA
CharLowerA
wsprintfA

kernel32

RtlUnwind
lstrlenA
UnhandledExceptionFilter
IsBadCodePtr
SetHandleCount
FreeEnvironmentStringsW
FormatMessageA
GetModuleHandleA
SetPriorityClass
LockResource
GetTempPathA
GetStdHandle
TlsGetValue
lstrcmpiA
GetUserDefaultLCID
DeleteFileA
VirtualAlloc
RaiseException
OpenEventA
LCMapStringW
RemoveDirectoryA
EnterCriticalSection
GetCommandLineA
LoadLibraryExA
WaitForSingleObject
CloseHandle
SizeofResource
WideCharToMultiByte
MoveFileExA
FatalAppExitA
SetEndOfFile
SetConsoleCtrlHandler
HeapFree
FindFirstFileA
GetPrivateProfileStringA
GetDateFormatA
GetCurrentDirectoryA
ReadFile
SetThreadPriority
SetFilePointer
TlsFree
TlsAlloc
GetSystemDirectoryA
LCMapStringA
IsValidLocale
OpenProcess
ReleaseMutex
GetThreadLocale
IsValidCodePage
SetLastError
VirtualFree
CreateFileA
LoadLibraryExW
LocalFree
CreateMutexA
SetStdHandle
lstrcmpiW
HeapSize
CreateProcessA
ResumeThread
GetProcessHeap
HeapAlloc
GetStringTypeExA
LeaveCriticalSection
TlsSetValue
FreeEnvironmentStringsA
EnumSystemLocalesA
GetLocalTime
CompareStringA
SetUnhandledExceptionFilter
VirtualQuery
FindResourceExA
GetTimeZoneInformation
LoadResource
HeapReAlloc
GetWindowsDirectoryA
SetEnvironmentVariableA
CompareStringW
FindClose
FreeLibrary
GetACP
lstrlenW
GetSystemTimeAsFileTime
FlushFileBuffers
GetTimeFormatA
DeleteCriticalSection
FreeResource
WriteFile
GetStringTypeExW
GetSystemInfo
GetOEMCP
GetFileType
HeapDestroy
VirtualProtect
FindNextFileA
SetFileAttributesA
GetCurrentThreadId
SetErrorMode
VirtualAllocEx

shell32

SHGetDesktopFolder
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetMalloc

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

atmlib

ATMFinish
ATMGetNtmFields
ATMGetGlyphListA
ATMGetOutline
ATMMakePFMW
ATMGetPostScriptName
ATMEnumMMFontsW
ATMFontStatus

ufat

Format
Chkdsk
ChkdskEx
FormatEx

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b9e5276cc5a495f7de5bc85d5a31244

Headers

File Characteristics

Imports

advapi32

ole32

setupapi

user32

kernel32

shell32

psapi

atmlib

ufat

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 314KB - Virtual size: 1.5MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 314KB - Virtual size: 1.5MB

.rsrc
Size: 4KB - Virtual size: 3KB