7a7b9d7f07f2d006b2e7ac8df1ba24df

Sharing

Copy URL Twitter E-mail

General

Target

7a7b9d7f07f2d006b2e7ac8df1ba24df
Size

20KB
MD5

7a7b9d7f07f2d006b2e7ac8df1ba24df
SHA1

9a65c3d3a109098690bb7fb3a81b5a6cf5756152
SHA256

66380ff67efd938b4e3be369ea06b9e9d13f074ba3b9227cd3b84e9aed85fffe
SHA512

fad39e5f3456c3484549b5e4d7356bae9597b0f79543cac005ed90a29dd3c5dfb30ba693d5436c98d83ad5a4466544a11167270f11d077e0615cbf6bb9b41d05
SSDEEP

384:Rx38JYPDxZJFnOEj8lKwVG9iqyrQWYyEST3wQNVfO:bs2FZ2Ew7VGzyrMyESTgQW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a7b9d7f07f2d006b2e7ac8df1ba24df

Files

7a7b9d7f07f2d006b2e7ac8df1ba24df
.exe windows:4 windows x86 arch:x86

90531139f2ae41794d2bbb6ac75946f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
FindWindowExA
FindWindowA
TranslateMessage
UpdateWindow
CreateWindowExA
DefWindowProcA
DispatchMessageA
GetForegroundWindow
GetKeyNameTextA
GetMessageA
ShowWindow
SetTimer
RegisterClassExA
PostQuitMessage
MessageBoxA
LoadIconA
LoadCursorA
GetWindowTextA
wsprintfA

kernel32

RtlZeroMemory
lstrlenA
lstrcpyA
CloseHandle
CopyFileA
CreateFileA
CreateMutexA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetComputerNameA
GetCurrentProcess
GetDateFormatA
GetLastError
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTimeFormatA
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
LockResource
OpenProcess
Process32First
Process32Next
ReadFile
RtlMoveMemory
GetCommandLineA
SetFilePointer
SizeofResource
Sleep
TerminateProcess
WinExec
WriteFile
WritePrivateProfileStringA
_lclose
_lcreat
_llseek
_lopen
_lwrite
lstrcatA
lstrcmpiA

wsock32

socket
send
recv
ioctlsocket
htons
gethostbyname
connect
closesocket
WSAStartup
WSACleanup

advapi32

OpenServiceA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegCloseKey
AdjustTokenPrivileges
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
GetUserNameA
ControlService
CloseServiceHandle

shell32

ShellExecuteA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90531139f2ae41794d2bbb6ac75946f3

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 3KB