7ab8487e2eec8aaeff1cf0191b5b7628

Sharing

Copy URL

Twitter E-mail

General

Target

7ab8487e2eec8aaeff1cf0191b5b7628
Size

520KB
MD5

7ab8487e2eec8aaeff1cf0191b5b7628
SHA1

698df30d1594f454b0ebac8fbe9405628ee34b9b
SHA256

522dee6836d2e11e928b56955b118591960e794abc405735f25c175b00b4bb72
SHA512

8d94c6c3b3429be3180982459eebd6041697e5b3de304cbaa961e6301ed558cbcb5ef10e9bff8a45c236f0e0fd599c2f976d307acc9ffb3a77065c508d508952
SSDEEP

6144:WVOG/vXTUXypf64VRHJ7TG2FQVSIpZ5PtL9E927YKNqzGuIw5Uk/uLWpEDjNhoyD:S/bUm64VZJ7hQVFtLBK/uiiDpSiwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ab8487e2eec8aaeff1cf0191b5b7628

Files

7ab8487e2eec8aaeff1cf0191b5b7628
.exe windows:4 windows x86 arch:x86

2993c9ec8ef9aaeb9fd2fe01909b1c22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA

gdi32

CopyEnhMetaFileA
CreateFontIndirectW
AddFontResourceA
SetICMProfileW
EndPage
SwapBuffers
GetObjectType
GetColorAdjustment

kernel32

FreeEnvironmentStringsW
HeapFree
GetTempPathW
GetEnvironmentVariableW
SetConsoleTextAttribute
InterlockedExchange
TlsFree
SetHandleCount
RtlUnwind
QueryPerformanceCounter
GetTimeZoneInformation
DeleteCriticalSection
ReleaseSemaphore
FindNextFileW
GetTickCount
GetEnvironmentStrings
TlsAlloc
GetLocalTime
GetVersion
GetACP
TlsGetValue
InitializeCriticalSection
LockResource
GetStdHandle
ReadFile
MoveFileExW
HeapReAlloc
TransactNamedPipe
LocalSize
LeaveCriticalSection
GlobalCompact
CompareStringW
GetThreadLocale
LoadLibraryA
GetCurrencyFormatA
GetFileType
MultiByteToWideChar
EnterCriticalSection
VirtualUnlock
CommConfigDialogA
LCMapStringW
VirtualAlloc
GetPrivateProfileIntW
SetStdHandle
AddAtomA
lstrlen
GetConsoleTitleW
GetCurrentProcessId
SetConsoleWindowInfo
TlsSetValue
GetCurrentThreadId
GlobalSize
SetThreadAffinityMask
HeapDestroy
GetOEMCP
GetSystemTimeAsFileTime
InterlockedIncrement
LCMapStringA
GetExitCodeProcess
GetStartupInfoA
EnumCalendarInfoExW
GetCurrentDirectoryW
HeapCreate
GetCompressedFileSizeW
SetEnvironmentVariableA
FreeEnvironmentStringsA
CreateMutexA
CloseHandle
GetSystemDirectoryW
GetCommandLineA
UnhandledExceptionFilter
WideCharToMultiByte
SetFilePointer
OutputDebugStringA
WriteFile
LockFile
EnumTimeFormatsA
GetCurrentProcess
VirtualQuery
InterlockedDecrement
CompareStringA
GetCPInfo
GetVolumeInformationW
ExitProcess
GetMailslotInfo
FlushFileBuffers
GetCurrentThread
GetModuleFileNameA
GetWindowsDirectoryW
GetLogicalDrives
GlobalHandle
GetModuleHandleA
WaitForMultipleObjects
VirtualFree
GetProcAddress
TerminateProcess
HeapAlloc
GetSystemTime
GetStringTypeA
IsBadWritePtr
LocalReAlloc
SetLastError
GetStringTypeW
CopyFileA
OpenMutexA
GetLastError
GetEnvironmentStringsW
CreateNamedPipeW

shell32

ShellAboutW
SHUpdateRecycleBinIcon
SHFileOperation
ExtractIconEx

user32

CharUpperW
DdeDisconnect
SetClassWord
GetWindowTextLengthA
GetMenuItemID
DdeQueryStringA
DdeCreateStringHandleW
SetPropA
FindWindowExA
LoadImageA
SetMenuInfo
DdeAbandonTransaction
GetDlgItem
GetKeyState
CopyIcon
RegisterWindowMessageW
SetWindowWord
RegisterClassA
FillRect
IsCharAlphaNumericW
DestroyMenu
VkKeyScanW
GetAsyncKeyState
DdeUnaccessData
BroadcastSystemMessage
EnumDisplaySettingsW
MapWindowPoints
MessageBoxW
EnumPropsW
CharPrevA
UnhookWindowsHook
GetClassNameA
IsCharUpperW
IsCharAlphaNumericA
GetTabbedTextExtentW
DeleteMenu
MoveWindow
RegisterClassExA
GetDC
wvsprintfW
SetShellWindow
RegisterDeviceNotificationA
GetUpdateRgn
DdeGetData
GetWindowPlacement
GetUserObjectInformationW
ShowCaret
CharLowerBuffW
GetScrollPos
DestroyIcon
SetWindowLongW
SetCaretBlinkTime
SetWindowRgn
ShowWindow
WindowFromPoint

comctl32

ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetFlags
DrawInsert
ImageList_GetFlags
CreateStatusWindowA
ImageList_SetFilter
ImageList_SetIconSize
CreateStatusWindow
ImageList_DragLeave
ImageList_Destroy
InitCommonControlsEx
ImageList_Write
CreateToolbar
CreateToolbarEx
ImageList_GetImageCount
ImageList_Merge
ImageList_SetOverlayImage
CreatePropertySheetPageW
CreateStatusWindowW

wininet

FtpRenameFileA
UrlZonesDetach
IsHostInProxyBypassList
GopherOpenFileW
CreateUrlCacheEntryA
FtpFindFirstFileA
FtpFindFirstFileW
GopherCreateLocatorW

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2993c9ec8ef9aaeb9fd2fe01909b1c22

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

shell32

user32

comctl32

wininet

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 108KB - Virtual size: 130KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 108KB - Virtual size: 130KB

.rsrc
Size: 12KB - Virtual size: 8KB