7b38272684f001c5bf5b2c439f1b9601

Sharing

Copy URL Twitter E-mail

General

Target

7b38272684f001c5bf5b2c439f1b9601
Size

524KB
MD5

7b38272684f001c5bf5b2c439f1b9601
SHA1

0a171e24c559c63021a01ad71ae137153186aa42
SHA256

2f3a0651716ba2e99074d7f6fbc910e11e925d40c82dfa5d492ba1b96763e0aa
SHA512

044bd12e469d64cdec23c4eed0a8a9c8ac34e3b33eca9b215cfa3b25990168648102d69ac1ea185f90ce81e5885645b804c89138fc9e5e6fb175f7a6234dd182
SSDEEP

12288:Bnwkx2FIZopq4wZgw8bsbh+FFvXtn+q4D8jkd4cVm9yNOyXSfmyBh6C6aOohv0SL:Bnwkx2FioM4wGw8bsbhqFvXt94wjkd4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b38272684f001c5bf5b2c439f1b9601

Files

7b38272684f001c5bf5b2c439f1b9601
.exe windows:4 windows x86 arch:x86

c56845f61158e17d2cf0d7442b279ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CopyMetaFileA
CreatePolyPolygonRgn
StretchBlt
CreateFontIndirectA

user32

DialogBoxParamA
GetPropA
DdeAbandonTransaction
SetForegroundWindow
SendMessageTimeoutW
GetKBCodePage
CascadeChildWindows
CreateIcon
RegisterClassA
GetDlgItemInt
OpenDesktopA
RegisterClassExA
IsCharLowerW
DdeQueryStringA
ModifyMenuA
MapVirtualKeyExA
GetWindowPlacement
EnumDesktopsA
UnregisterClassW
RegisterHotKey
MonitorFromPoint
AdjustWindowRectEx

comctl32

InitCommonControlsEx

kernel32

HeapCreate
GetStringTypeW
HeapAlloc
WriteConsoleW
SetLastError
ReadFile
QueryPerformanceCounter
GetTickCount
LoadLibraryA
DeleteCriticalSection
lstrlenW
GetModuleHandleA
GetCurrentProcess
GetConsoleMode
GetModuleFileNameA
OpenMutexA
GetConsoleCP
InterlockedDecrement
FreeLibrary
FreeEnvironmentStringsA
LCMapStringW
GetUserDefaultLCID
GlobalGetAtomNameA
GetStartupInfoW
GetDateFormatA
GetSystemDefaultLCID
HeapReAlloc
TlsSetValue
GetCommandLineA
RtlUnwind
TlsFree
IsValidLocale
EnumSystemLocalesW
SetCurrentDirectoryA
TlsGetValue
EnumTimeFormatsW
IsValidCodePage
GetStdHandle
GetProcAddress
LeaveCriticalSection
GlobalUnfix
FreeEnvironmentStringsW
InterlockedExchange
GetLocaleInfoA
WriteConsoleA
GetACP
InterlockedIncrement
Sleep
CreateFileA
HeapDestroy
VirtualAlloc
GetSystemTimeAsFileTime
GetEnvironmentStringsW
TlsAlloc
CreateMutexA
GetConsoleOutputCP
GetStartupInfoA
GetOEMCP
CloseHandle
GetCommandLineW
LocalHandle
EnumSystemLocalesA
GetLastError
CompareStringW
VirtualFree
TerminateProcess
CompareStringA
GetFileType
lstrcpyA
VirtualQuery
GetCurrentThreadId
GetProcessHeap
GetSystemDefaultLangID
EnumResourceNamesA
WideCharToMultiByte
SetStdHandle
GetVersionExA
ExitProcess
SetUnhandledExceptionFilter
GetEnvironmentStrings
SetEnvironmentVariableW
LCMapStringA
GlobalHandle
IsDebuggerPresent
GetModuleFileNameW
SetHandleCount
GetCPInfo
SetFilePointer
GetTimeZoneInformation
UnhandledExceptionFilter
GetCurrentProcessId
GetLocaleInfoW
GetTimeFormatA
FlushFileBuffers
MultiByteToWideChar
EnterCriticalSection
InitializeCriticalSection
HeapSize
HeapFree
WriteFile
GetCurrentThread
GetCurrencyFormatA
SetConsoleCtrlHandler
GetStringTypeA
GetPrivateProfileSectionW
SetEnvironmentVariableA

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c56845f61158e17d2cf0d7442b279ff3

Headers

File Characteristics

Imports

gdi32

user32

comctl32

kernel32

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 10KB - Virtual size: 17KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 10KB - Virtual size: 17KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 9KB