7e388656a74b45362ca04909b6b612f5

Sharing

Copy URL Twitter E-mail

General

Target

7e388656a74b45362ca04909b6b612f5
Size

89KB
MD5

7e388656a74b45362ca04909b6b612f5
SHA1

5bbd38ab8f19e7975ffe90869400a0ca6790733f
SHA256

05f74368de522a31af9e0e688f0b70a45ff12bcdf836686c30e1cd7c02feab5c
SHA512

f0b021d02b1dd290c833fb333522dee98ab6092f5b6d3852752f902f626e5c53f0a4c2e6b490e21404faa74057fb525b0701f9cb4b4f114ef63d9d8d2090fbb0
SSDEEP

1536:qFnM17kHS4Z2VQMWhpZxXkWXrBbX9MYOAusTc4E5gEzJd82KkRlpvO9c:eMESjVQ1h7xUCEYTRM5PJe2zRj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e388656a74b45362ca04909b6b612f5

Files

7e388656a74b45362ca04909b6b612f5
.exe windows:5 windows x86 arch:x86

68c92203394376a712e420a4bd562575

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strrchr
__p__fmode
__p__commode
_exit
exit
strcmp
_write
calloc
sqrt
_errno
_initterm
_setmode
strlen
_vsnprintf
__set_app_type
_except_handler3
__getmainargs
_XcptFilter
free
__setusermatherr
fputs
_adjust_fdiv
_acmdln
getenv
memmove

kernel32

WriteFile
GetEnvironmentStringsW
FileTimeToSystemTime
GetStartupInfoA
GetSystemTimeAsFileTime
GetEnvironmentVariableA
WideCharToMultiByte
ReadFile
MoveFileA
LCMapStringW
FreeLibrary
VirtualAlloc
GetModuleHandleW

gdi32

SetGraphicsMode
SaveDC
UnrealizeObject
GetMapMode
GetROP2
EnumFontFamiliesExA
LineTo
GetTextMetricsW
SetMetaFileBitsEx
GetViewportExtEx
CopyEnhMetaFileA
GetTextExtentPoint32W
CloseEnhMetaFile
OffsetRgn
RemoveFontResourceA
AbortDoc
SetWindowOrgEx
GetTextExtentPointA

user32

GetTopWindow
GetCursorPos
IsChild
TrackPopupMenu
SetScrollRange
SetClassLongA
ClientToScreen
GetParent
ReleaseDC
SetWindowsHookExA
GetSysColorBrush
GetLastActivePopup

oleaut32

LoadTypeLib
SysAllocStringByteLen
SysStringByteLen
VariantCopyInd
VariantInit
SysFreeString
SafeArrayRedim
SafeArrayCreate
CreateErrorInfo
GetActiveObject
SysAllocStringLen

ole32

RevokeDragDrop
PropVariantClear
CoTaskMemRealloc
CoGetInterfaceAndReleaseStream
CLSIDFromString
StringFromIID
OleSetClipboard
CreateStreamOnHGlobal
RegisterDragDrop
StgOpenStorageOnILockBytes
CoInitialize
OleRun
CoInitializeEx

comctl32

ImageList_SetBkColor
CreateToolbarEx
CreatePropertySheetPageW
ImageList_Destroy
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_GetBkColor
ImageList_Add
ImageList_DrawEx

advapi32

RegCloseKey
RegCreateKeyExW
EqualSid
RegDeleteValueA
SetSecurityDescriptorOwner
QueryServiceStatus
RegEnumKeyExA
CryptAcquireContextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68c92203394376a712e420a4bd562575

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

oleaut32

ole32

comctl32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 62KB - Virtual size: 61KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 62KB - Virtual size: 61KB

.rsrc
Size: 3KB - Virtual size: 2KB