7e4974f3b126d0cbdd1706a46d515629

Sharing

Copy URL Twitter E-mail

General

Target

7e4974f3b126d0cbdd1706a46d515629
Size

110KB
MD5

7e4974f3b126d0cbdd1706a46d515629
SHA1

fb7b6145ba229bdd0aaad0884a697a6430f26acd
SHA256

0161a4106bf15aa995e17d79ba9d9d3695663a795c6cd96dc8c6fb648500221a
SHA512

bd468adc1bc7da1d65019c74eac896f67558d2c29880e6d215e5db09ad8312e1fa05cf9f3d7d991516ac15c89088d782e0c3d57efc7d78387836fd3c38743f0e
SSDEEP

3072:8ht0WrBhwevU0mPf7GmJPSZjS0UlQ2zdo:Kt0Yhwecfqeakrzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e4974f3b126d0cbdd1706a46d515629

Files

7e4974f3b126d0cbdd1706a46d515629
.dll windows:5 windows x86 arch:x86

90583067826d782f79ee899e37bbc1c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

S:\aivcumvCfi\exkcweamE\lrmYkZejCuwVxk\mdOsttXyqnqjev.pdb

Imports

msvcrt

strtol
_controlfp
__set_app_type
wcsrchr
isalnum
wcstod
__p__fmode
__p__commode
calloc
_amsg_exit
_initterm
_acmdln
exit
towupper
_ismbblead
floor
mktime
isxdigit
wcscmp
strtoul
_XcptFilter
vsprintf
_exit
_cexit
__setusermatherr
__getmainargs

kernel32

lstrcpyW
LoadLibraryW
SetWaitableTimer
FreeResource
Sleep
CallNamedPipeW
SetCurrentDirectoryA
DeleteFileW
GetTempPathA
UnmapViewOfFile
SizeofResource
MulDiv
LeaveCriticalSection
GetStringTypeExW
GetFullPathNameW
GetModuleHandleA
CreateSemaphoreW
RegisterWaitForSingleObject
lstrlenA
SetTimerQueueTimer
GetThreadPriority
FindFirstFileW

gdi32

CreateRectRgn
SelectPalette
GetRgnBox
GetROP2
GetBitmapBits
GetCurrentObject
GetNearestPaletteIndex
PatBlt
GetTextMetricsA
CreateDIBitmap
GetNearestColor
GetDIBColorTable
SelectObject
CreateCompatibleBitmap
TranslateCharsetInfo
RestoreDC
StartPage
GetPaletteEntries

user32

SetMenuItemBitmaps
GetAsyncKeyState
GetDlgItemInt
SendMessageA
TrackPopupMenu
IsWindow
RemoveMenu
GetUpdateRgn
IsWindowUnicode
EqualRect
DestroyAcceleratorTable
SendMessageTimeoutW
GetMessagePos
CascadeWindows
CharUpperA
TileWindows
SetDlgItemInt
HideCaret
CharLowerBuffW
GetClipCursor
SetUserObjectInformationW
InvertRect
DrawIconEx
InvalidateRgn
SetForegroundWindow
SetCursorPos
GetKeyboardLayoutList
GetClassInfoExA
GetDlgCtrlID
GetWindowTextA
CharToOemW
RegisterHotKey
TabbedTextOutW
DrawEdge
LoadCursorW
SetWindowPlacement
DialogBoxParamA
RegisterWindowMessageA
SetScrollRange
IsDialogMessageW
MonitorFromRect
CreatePopupMenu

shlwapi

StrToIntExA
StrCatBuffA

Exports

Exports

InstallU
PluginCommand
PluginMain
PluginName
?IsNotOptionExW@@YGMPAK~U
?InvalidateListItemOld@@YGPAIH~U
?IsNotFunctionEx@@YGPAKD~U
?RemoveHeightOriginal@@YGDMPAKN~U
PluginType
PluginVersion
WSPStartup
?DeleteValueOriginal@@YGDMJPAFK~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kip
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 1024B - Virtual size: 551B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90583067826d782f79ee899e37bbc1c4

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.kip Size: 512B - Virtual size: 492B

.ticy Size: 1024B - Virtual size: 551B

.ticx Size: 2KB - Virtual size: 2KB

.zdata Size: 512B - Virtual size: 248B

.data Size: 2KB - Virtual size: 1KB

.heap Size: - Virtual size: 80KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.kip
Size: 512B - Virtual size: 492B

.ticy
Size: 1024B - Virtual size: 551B

.ticx
Size: 2KB - Virtual size: 2KB

.zdata
Size: 512B - Virtual size: 248B

.data
Size: 2KB - Virtual size: 1KB

.heap
Size: - Virtual size: 80KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 1KB - Virtual size: 1KB