7bdba0a539b7282eb00895e234626d43

Sharing

Copy URL

Twitter E-mail

General

Target

7bdba0a539b7282eb00895e234626d43
Size

68KB
MD5

7bdba0a539b7282eb00895e234626d43
SHA1

72c7d0af5e79eebf0630a77902ab559d94acfa19
SHA256

691f339505c76f9ef6fb08db967945e70cc03fb8f22e5e9e68992a68e715ae35
SHA512

1b3124b48a2558f8cc0ff6dbe30ac71b3c419d786acc694e42f3e1befc5c1985ea240ba70d71fd7e8ca8bd4ee338add3054415a5065e9ca711f55cdf8febae2d
SSDEEP

1536:kjox8m6h8e8nW1Rv8SOYl5ASkztMRQ59Btz9:CKe8W1184l5AS6yRsh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bdba0a539b7282eb00895e234626d43

Files

7bdba0a539b7282eb00895e234626d43
.exe windows:4 windows x86 arch:x86

42d1b4463b87d8175c754acf27565724

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
wcstombs
malloc
realloc
free
atoi
isalpha
_mbscmp
localtime
strftime
memcmp
memchr
srand
rand
strcat
_ftol
time
difftime
_mbsstr
_mbsicmp
exit
_mbsrev
_mbsnbcpy
sprintf
ftell
fseek
memmove
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_mbsinc
_CxxThrowException
??0exception@@QAE@ABV0@@Z
fopen
fclose
fread
fwrite
__CxxFrameHandler
strcpy
_mbsrchr
strlen
memcpy
??2@YAPAXI@Z
memset
_controlfp

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegQueryValueExA
AddAccessAllowedAce
IsValidSid
GetLengthSid
AllocateAndInitializeSid
InitializeAcl
FreeSid
GetUserNameA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ws2_32

connect
closesocket
recv
socket
gethostbyname
WSACleanup
inet_ntoa
WSAIoctl
inet_addr
htons
WSAStartup
send
WSASocketA
WSAGetLastError
gethostname

kernel32

GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
SetFileTime
GetVersionExA
SetFileAttributesA
DeleteFileA
GetSystemDirectoryA
GetFileTime
ReadFile
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
CreateEventA
OpenEventA
CreateFileA
GetLastError
Sleep
GetFileSize
WriteFile
SetFilePointer
SetPriorityClass
CloseHandle
GetModuleFileNameA
GetProcessHeap
HeapAlloc
GlobalMemoryStatus
GetSystemInfo
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SystemTimeToFileTime
GetLocalTime
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateThread
WaitForMultipleObjects
GetTickCount
GetTempPathA
GetComputerNameA
SetEndOfFile
HeapFree

user32

GetSystemMetrics
MessageBoxA
GetDesktopWindow

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42d1b4463b87d8175c754acf27565724

Headers

File Characteristics

Imports

msvcrt

shell32

advapi32

ws2_32

kernel32

user32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 16KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 16KB