Static task
static1
Behavioral task
behavioral1
Sample
7ba3485c8382f1aa932a84c15d84a53e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7ba3485c8382f1aa932a84c15d84a53e.exe
Resource
win10v2004-20231215-en
General
Target
7ba3485c8382f1aa932a84c15d84a53e
Size
82KB
MD5
7ba3485c8382f1aa932a84c15d84a53e
SHA1
77278e2ce35fa9325f948436f9ccf833badac6b4
SHA256
19bcd02eec7ec928dda31eb015e99896c0a97e7d7e2c21dc3f129b519a7d8880
SHA512
74fbd47e94ddd5944126f700289edb18db7d848b4e70989ba18db7ee20b26f926b5efc891238e5456c50176d544546118e34d111bb96e7f926cea73c84188932
SSDEEP
1536:cV3TWhV2JcVwFd9kiZo+QEdbOa9Z6diEmEEkRXiwI8YvZc:cRTWhV2J9dSco+LiHdi8Jy18YvZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7ba3485c8382f1aa932a84c15d84a53e
Files
7ba3485c8382f1aa932a84c15d84a53e.exe windows:4 windows x86 arch:x86
c93f3a4fd603bd99ecd6afe4d283ae66
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
FrameRect
SetWindowTextA
EnableMenuItem
GetScrollPos
EnumWindows
PostQuitMessage
UnhookWindowsHookEx
EqualRect
GetSysColor
GetSysColorBrush
GetMessageA
GetSubMenu
SetWindowPos
kernel32
InterlockedExchange
GetTempPathA
VirtualAllocEx
GetTimeZoneInformation
GetTickCount
GetStartupInfoA
SetUnhandledExceptionFilter
GetCurrentProcessId
GetThreadLocale
GetFileAttributesA
GetSystemTime
QueryPerformanceCounter
ExitProcess
FileTimeToSystemTime
RtlUnwind
gdi32
CreateCompatibleBitmap
ExcludeClipRect
GetMapMode
CopyEnhMetaFileA
SelectClipPath
DPtoLP
SetViewportExtEx
CreateICW
FillRgn
ole32
StgOpenStorage
OleRun
CoInitialize
CoCreateInstance
StringFromGUID2
CoInitializeSecurity
CoRevokeClassObject
CoTaskMemRealloc
DoDragDrop
advapi32
RegCreateKeyA
AdjustTokenPrivileges
GetUserNameA
GetSecurityDescriptorDacl
FreeSid
CheckTokenMembership
CryptHashData
QueryServiceStatus
RegQueryValueExW
RegCreateKeyExW
msvcrt
iswspace
signal
strncpy
fprintf
strcspn
_mbscmp
raise
_fdopen
_lock
_strdup
fflush
strlen
__initenv
_CIpow
_flsbuf
puts
__setusermatherr
__getmainargs
comctl32
ImageList_SetIconSize
ImageList_Write
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_LoadImageW
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetIcon
ImageList_DragEnter
InitCommonControls
ImageList_DrawEx
shell32
ShellExecuteEx
DragQueryFileA
ExtractIconW
DoEnvironmentSubstW
SHBrowseForFolderA
ShellExecuteW
DragAcceptFiles
ExtractIconExW
DragQueryFileW
SHGetPathFromIDList
CommandLineToArgvW
oleaut32
SafeArrayRedim
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayPutElement
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
Sections
.text Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
yeorwso Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE