7a76c50f9f0e5ee5f5d8f86fec1842b8

General

Target

7a76c50f9f0e5ee5f5d8f86fec1842b8
Size

77KB
MD5

7a76c50f9f0e5ee5f5d8f86fec1842b8
SHA1

b1f339803ef49eea84d0f0106e20f04bb25996ae
SHA256

9838bd38fe4a5e67a3636620d5f5d19f4738fa5b0d69d8456dc70f712a2d55de
SHA512

4379878a0c6127ab773c260902178f4ce313e821b422f0bddbd3c5cba1efd7f7a290fa8f77f7c1b7afc5f69bed4b4b379aa955d53490f0120b76f7d5cc5faf02
SSDEEP

1536:jeMUyNcTGqQ4jBIOhsQuABFk+ir7GZks+XNdOqyExThMyHKlWM8:aMRNcQ4jBIOZxkp7Gks+TyWThMMM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a76c50f9f0e5ee5f5d8f86fec1842b8

Files

7a76c50f9f0e5ee5f5d8f86fec1842b8
.exe windows:4 windows x86 arch:x86

225e4aa728a064d50d467bc02d9c1f4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFiber
CmdBatNotification
EnumTimeFormatsW
UnregisterWait
UnregisterConsoleIME
ReplaceFile
OpenWaitableTimerA
HeapLock
RegisterConsoleVDM
TerminateJobObject

ole32

CoDisconnectObject
CoSuspendClassObjects
BindMoniker
OleCreateLinkToFile
CoInitialize
CoGetTreatAsClass
CoGetObjectContext
OleDestroyMenuDescriptor
CoMarshalInterface
OleNoteObjectVisible

msvcrt

_ltow
_pctype
_itow
realloc
_wcslwr
strncat
fprintf
_ltoa
_strcmpi
__dllonexit
_except_handler3

ulib

??0PATH@@QAE@XZ
?Cast@KEYBOARD@@SGPAV1@PBVOBJECT@@@Z
?Flush@KEYBOARD@@QAEEXZ
?GotABreak@KEYBOARD@@SGEXZ
?ReplaceWithChars@BSTRING@@QAEEKKDK@Z
??1COMM_DEVICE@@UAE@XZ
?Stricmp@MBSTR@@SGHPAD0@Z
?DoNotRestoreConsoleMode@KEYBOARD@@UAEXXZ
?Resize@FSTRING@@UAEEK@Z
?QueryPackedLog@MESSAGE@@QAEEPAVHMEM@@PAK@Z
?WriteByte@STREAM@@QAEEE@Z
?Initialize@SORTED_LIST@@QAEEE@Z
?SetDevice@PATH@@QAEEPBVWSTRING@@@Z
?Strcmps@MBSTR@@SGHPAD0@Z
?Initialize@FSN_FILTER@@QAEEXZ

advapi32

SetKernelObjectSecurity
RegCreateKeyW
IsValidSid
QueryServiceStatus
OpenServiceW

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

225e4aa728a064d50d467bc02d9c1f4a

Headers

File Characteristics

Imports

kernel32

ole32

msvcrt

ulib

advapi32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 944B