7bdd8e4da0d445f50c1a52c23c4dfe99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7bdd8e4da0d445f50c1a52c23c4dfe99
Size

61KB
MD5

7bdd8e4da0d445f50c1a52c23c4dfe99
SHA1

bd785ea2950b93fa1d118ec04206db020f19cc77
SHA256

46e482b5a1fa3c8587301b8f505b9bda306910370b4ac2d35768f83a0fa3aa6a
SHA512

65562bccf7fc542e723b5f6581a365bf2dfd938104aaec5b680e285668ba3193c4b5c6c22e9a66b6643de62d03d980d9a0c6814513535f3e84244b2c7c17f447
SSDEEP

1536:F5/wpKy01BGikjC0tO4Hv6Ur+sL+EzV+ZPYTjMKpHXM6uWZJ:T/wpKy0AjOKCczoZPYTjMKF+4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bdd8e4da0d445f50c1a52c23c4dfe99

Files

7bdd8e4da0d445f50c1a52c23c4dfe99
.exe windows:4 windows x86 arch:x86

4b0b9f198d9b3a19841eddbd20a16d32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseWindowStation
DispatchMessageA
OpenDesktopA
CloseDesktop
GetWindowThreadProcessId
ExitWindowsEx
GetIconInfo
GetClipboardData
GetDlgItem
LoadCursorA
DrawIcon
GetKeyState
SetProcessWindowStation
GetMessageA
GetCursorPos

shlwapi

wnsprintfA
PathFindFileNameW
StrCmpNIW
PathMatchSpecW
PathRemoveFileSpecW
wvnsprintfA
wnsprintfW
PathFileExistsW
wvnsprintfW
StrStrW

kernel32

GetLocalTime
lstrlenW
GetModuleFileNameW
CreateProcessW
GetFileTime
VirtualProtect
CreateEventW
CreateFileA
HeapReAlloc
VirtualAlloc
GetVersionExW
HeapAlloc
CreateMutexW
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
GetLastError
GetFileSize
ResetEvent
GetFileAttributesW
FindNextFileW
GetModuleHandleA
EnterCriticalSection
FindClose
GlobalLock

advapi32

RegSetValueExA
CryptHashData
RegCreateKeyExA
GetUserNameW
CryptAcquireContextW
CryptGetHashParam
RegQueryValueExA
CryptReleaseContext
RegDeleteValueA
CryptDestroyHash

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE