7a7d5183d34ee8b4a9e3bc6474f0b6df

Sharing

Copy URL

Twitter E-mail

General

Target

7a7d5183d34ee8b4a9e3bc6474f0b6df
Size

592KB
MD5

7a7d5183d34ee8b4a9e3bc6474f0b6df
SHA1

b58d5b3502540de56ab8334ac6cef7a9aa23a646
SHA256

7a61c49974cebcaa976662ff9b7c1fa0469ffa3241ba6f79eb558e843ab87c95
SHA512

ea3a94391aa03fda596f6ab55900994ffb13d0c7843319666bfc3b3309db4f844f3eacc57119be00b5a87eacc04a09cae08e42763132f265cb4395e201cd84c9
SSDEEP

12288:FJZrMghJ+JDjknlbumFgOXxWTVcm3jG+tI8mCprcMIF9ozvnBC6:XZIpanlbuWXxWVcmi+tVmmrcrFAvB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a7d5183d34ee8b4a9e3bc6474f0b6df

Files

7a7d5183d34ee8b4a9e3bc6474f0b6df
.exe windows:4 windows x86 arch:x86

5492b6860abb0ab34a39f2281645f19a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\obaq\ogogyj\dlayvtsef\dmre

Imports

shell32

SHQueryRecycleBinW
SHUpdateRecycleBinIcon

comctl32

ImageList_AddIcon
CreateMappedBitmap
ImageList_SetFlags
ImageList_Add
ImageList_GetFlags
CreateStatusWindowA
ImageList_Replace
CreatePropertySheetPage
ImageList_DragLeave
ImageList_GetImageCount
ImageList_Create
ImageList_GetBkColor
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_Remove
CreateUpDownControl
ImageList_GetImageInfo
ImageList_DragShowNolock
DestroyPropertySheetPage
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetIconSize

advapi32

CryptGetDefaultProviderA
RegFlushKey
CryptSetProviderExW
LookupSecurityDescriptorPartsW
LookupAccountNameW
CryptSetKeyParam
CryptVerifySignatureW
GetUserNameA
CryptDecrypt
CryptSetProviderA
RegSetKeySecurity
RegOpenKeyA

user32

MsgWaitForMultipleObjects
DialogBoxParamW
InsertMenuItemA
MessageBoxW
BlockInput
SetWinEventHook
GetUpdateRgn
NotifyWinEvent
IsIconic
DestroyIcon
CreateWindowExA
DefWindowProcW
EnumPropsExW
InvertRect
SetClipboardData
DestroyWindow
RegisterClassA
ShowWindow
RegisterClassExA
DrawStateW
GetCaretPos
BringWindowToTop
GetMenuContextHelpId
GetDlgItemTextA
AppendMenuW
IsCharAlphaA
GetMenuCheckMarkDimensions
DdeUninitialize

comdlg32

GetFileTitleA
LoadAlterBitmap

kernel32

SetStdHandle
VirtualProtect
GetFileType
TerminateProcess
EnumCalendarInfoExA
EnumResourceTypesA
GetTimeZoneInformation
GetVersionExA
GetDiskFreeSpaceW
VirtualFree
TlsFree
GetEnvironmentStrings
FindFirstFileW
HeapSize
EnterCriticalSection
TlsSetValue
lstrcmpi
GetLastError
GetCommandLineW
GetModuleHandleA
GetConsoleTitleW
GetEnvironmentVariableA
IsValidLocale
FreeEnvironmentStringsA
WritePrivateProfileSectionW
GetPrivateProfileStringA
GetThreadPriority
ReadFile
GetCurrentThreadId
CreateProcessA
CompareStringA
ExitThread
GetStringTypeA
LCMapStringW
OpenMutexA
GetTimeFormatW
SetConsoleCursorInfo
GetProcAddress
WideCharToMultiByte
GetMailslotInfo
GlobalAddAtomA
TlsGetValue
ReadConsoleA
GetCurrentProcessId
QueryPerformanceCounter
MultiByteToWideChar
GetCPInfo
CloseHandle
FlushFileBuffers
VirtualQuery
GetStringTypeW
SetEndOfFile
HeapCreate
GlobalFindAtomA
ConvertDefaultLocale
EnumSystemLocalesA
LeaveCriticalSection
FindResourceExA
IsValidCodePage
CreatePipe
GetStdHandle
HeapFree
CreateNamedPipeA
LocalAlloc
CompareStringW
CreateWaitableTimerA
GetProfileIntW
GetLocaleInfoA
GetNumberFormatA
LoadLibraryA
GetLocalTime
lstrlen
SetFileAttributesA
GetEnvironmentVariableW
OutputDebugStringW
CreateEventW
FreeEnvironmentStringsW
GetUserDefaultLCID
GetTickCount
HeapAlloc
GetAtomNameA
WriteFile
HeapDestroy
FlushInstructionCache
GetOEMCP
UnhandledExceptionFilter
GetStartupInfoA
SetFilePointer
GetStartupInfoW
InterlockedExchange
GetModuleFileNameW
RtlUnwind
IsBadWritePtr
GlobalGetAtomNameW
LCMapStringA
OpenEventA
SetEnvironmentVariableA
WriteConsoleOutputAttribute
LoadLibraryExA
WritePrivateProfileStructA
GetLocaleInfoW
SetLastError
OpenProcess
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
VirtualAlloc
GetSystemInfo
GetEnvironmentStringsW
GetACP
GetSystemTimeAsFileTime
FileTimeToDosDateTime
IsDebuggerPresent
CreateMutexA
GetCurrentThread
SetHandleCount
GetTimeFormatA
GetCurrentProcess
MoveFileA
GlobalAddAtomW
FindNextFileW
GetCommandLineA
TlsAlloc
CreateRemoteThread
GetDateFormatA
WaitNamedPipeA
HeapReAlloc

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5492b6860abb0ab34a39f2281645f19a

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

advapi32

user32

comdlg32

kernel32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 40KB - Virtual size: 38KB