7b49a7999428556c109be5771dce3b2e

Sharing

Copy URL

Twitter E-mail

General

Target

7b49a7999428556c109be5771dce3b2e
Size

455KB
MD5

7b49a7999428556c109be5771dce3b2e
SHA1

2b539957e2c9720bfc1f4018448803f0399cb421
SHA256

7d01c814e4dc147036470e958c30ec7daa1a2140961e6865d0d6b2db40c66d46
SHA512

ab3e7fc465603c98b20a6e8bab8bb9af3c702b2992d24e437ee80b9e6b68fd7775e507df24bf39963368ad55d2f1ff1250b271d93784450ca68e3f238a0b60d6
SSDEEP

12288:tPUdz/leuYergLm9AhJ4rhFkpMMnMMMMME0bJvQI6xMdI0+6DtByCVwHM1a:tsN/leuZz8W7kpMMnMMMMME029s+6RwH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b49a7999428556c109be5771dce3b2e

Files

7b49a7999428556c109be5771dce3b2e
.exe windows:4 windows x86 arch:x86

78821274f4b59859a0df3d7755ef409b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

ADsGetObject

user32

GetMessageA
CharNextA
TranslateMessage
wsprintfA
CallMsgFilterW
DispatchMessageA
RegisterWindowMessageA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegSetValueExA
RegDeleteKeyA
RevertToSelf
OpenThreadToken
ImpersonateLoggedOnUser
RegEnumKeyExA
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegCloseKey

kernel32

CreateFileA
VirtualAlloc

urlmon

UrlMkSetSessionOption
CoInternetGetSession
CoInternetParseUrl
CopyBindInfo

shlwapi

StrCatBuffW

wininet

InternetCombineUrlA
InternetCrackUrlA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78821274f4b59859a0df3d7755ef409b

Headers

DLL Characteristics

File Characteristics

Imports

activeds

user32

version

advapi32

kernel32

urlmon

shlwapi

wininet

Sections

.text Size: 5KB - Virtual size: 5KB

.reloc Size: 512B - Virtual size: 24B

.rsrc Size: 237KB - Virtual size: 236KB

.idata Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1.8MB

.rdata Size: 205KB - Virtual size: 204KB

.text
Size: 5KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 24B

.rsrc
Size: 237KB - Virtual size: 236KB

.idata
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1.8MB

.rdata
Size: 205KB - Virtual size: 204KB