7bbec5e18419d8071c39b474f3f3b4cf

General

Target

7bbec5e18419d8071c39b474f3f3b4cf
Size

170KB
MD5

7bbec5e18419d8071c39b474f3f3b4cf
SHA1

99e36ddd312af2df155d25665518308f88e53d5e
SHA256

3bdfb45216c4b63ffd6f9c26985ad0cc86878fce1152e3dd1731cb5b4954a9ae
SHA512

53ce0fb72a6f2bd01a16a67b5b3c8524fab1e79e90642ab3eb4ed81cfb8ee3f0199079226e9225ddf8ed67d760d2293dd09aafb66ba567ba55f0ffee48b3853f
SSDEEP

3072:+YahorLVDXDnvSUldxcNsplALB+VvcS2lagG2ranXx/WU5kqlZJ5tV4fd6hRH:+Do3VDfZcOLAF+Vv2wH2raXpWy5rVwy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bbec5e18419d8071c39b474f3f3b4cf

Files

7bbec5e18419d8071c39b474f3f3b4cf
.exe windows:4 windows x86 arch:x86

ad739f96322f22cc161a653676508b9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetVersionExA
ExitProcess
MultiByteToWideChar
GetCPInfo
GetFullPathNameW
EnterCriticalSection
GetModuleHandleA
GetThreadPriority
InitializeCriticalSection
CloseHandle
SetStdHandle
WideCharToMultiByte
IsValidLocale
GlobalAlloc
Sleep
SetCommConfig
GetConsoleOutputCP
GetCurrentProcess
TerminateProcess
GetLocaleInfoW
HeapSize
EnumSystemLocalesA
LCMapStringA
GetProcAddress
WriteConsoleW
RaiseException
LCMapStringW
RtlUnwind
IsDebuggerPresent
SetEndOfFile
EnumResourceNamesA
WriteConsoleA
DeleteCriticalSection
HeapFree
ExitProcess
GetModuleFileNameW
IsValidCodePage
GetLastError
ReadFile
InterlockedIncrement
GetCurrentThreadId
WriteFile
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetCurrentDirectoryW
GetCommandLineA
HeapAlloc
CreateFileA
HeapReAlloc
GetProcessHeap
InterlockedDecrement
UnhandledExceptionFilter
LeaveCriticalSection
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoCreateGuid
CoCreateInstance
StringFromGUID2
CoInitialize
CoUninitialize
CoSetProxyBlanket

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad739f96322f22cc161a653676508b9f

Headers

File Characteristics

Imports

rpcrt4

user32

advapi32

kernel32

shell32

ole32

Sections

.text Size: 148KB - Virtual size: 148KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 17KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 148KB - Virtual size: 148KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 17KB

.crt
Size: 512B - Virtual size: 68KB