7bf652c13fe8aad9031f89f9e3a34e29

Sharing

Copy URL Twitter E-mail

General

Target

7bf652c13fe8aad9031f89f9e3a34e29
Size

381KB
MD5

7bf652c13fe8aad9031f89f9e3a34e29
SHA1

0558373d551a519c2cecfd8b4cf6fcdacd9ff109
SHA256

b997edf6861e1957be39484bea3dffe728e3677852955f5a02bcbc9c24ed8602
SHA512

784091e57689119106b299acd8f008011d1911093d05748fd76937c2d3c0aef2dd8dc42a56fbe1c200e7b3e086a65976e3d40d03e9189ec75016f4a27c9b1481
SSDEEP

3072:cHniEo6atcecSRrflACIjGRExbYpXWoDmvlGcT3AIz5Wp8FGlRWNITPTg6C:cHnN0rdyTxbYpX8dAIz5Wp8KWqT7gL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bf652c13fe8aad9031f89f9e3a34e29

Files

7bf652c13fe8aad9031f89f9e3a34e29
.exe windows:4 windows x86 arch:x86

603d8153126da5547792fa8c6b8c20b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

hid

HidD_GetHidGuid
HidD_GetAttributes
HidD_GetProductString
HidD_FlushQueue
HidD_GetFeature
HidD_SetFeature
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData

ws2_32

inet_ntoa
gethostbyname
ntohl
inet_addr
ioctlsocket
connect
select
send
recv
WSAGetLastError
recvfrom
WSACleanup
WSAStartup
socket
setsockopt
htonl
htons
sendto
closesocket
gethostname

advapi32

RegisterEventSourceW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
ReportEventA
RegSetValueExA
RegCreateKeyExA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

user32

GetWindowTextA
GetWindowThreadProcessId
MessageBoxA
GetDesktopWindow
GetWindow
wsprintfW
IsWindow
EnumWindows
SetWindowPos

kernel32

FlushFileBuffers
SetStdHandle
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapSize
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
TerminateProcess
OpenProcess
VirtualProtect
VirtualFree
GetCurrentThread
GetVersionExA
CloseHandle
ReadFile
SetFilePointer
VirtualAlloc
GetFileSize
GetLastError
lstrcatA
GetSystemDirectoryA
CreateFileA
HeapReAlloc
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
IsBadReadPtr
FreeLibrary
HeapFree
GetModuleFileNameA
WriteFile
ResumeThread
SuspendThread
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetCurrentThreadId
GetCurrentProcessId
GetVersion
Sleep
CreateThread
GetModuleHandleA
Process32Next
Process32First
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
GetStdHandle
lstrlenW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
OpenMutexA
GetTickCount
GetPrivateProfileIntA
GetPrivateProfileStringA
ReleaseMutex
WaitForSingleObject
TerminateThread
WritePrivateProfileStringA
SetLastError
FlushInstructionCache
GetCurrentProcess
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
GlobalFree
GlobalAlloc
SetEnvironmentVariableA

Sections

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.UniKey
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

603d8153126da5547792fa8c6b8c20b6

Headers

File Characteristics

Imports

hid

ws2_32

advapi32

setupapi

user32

kernel32

Sections

.text Size: 94KB - Virtual size: 96KB

.bss Size: - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.UniKey Size: 280KB - Virtual size: 280KB

.text
Size: 94KB - Virtual size: 96KB

.bss
Size: - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.UniKey
Size: 280KB - Virtual size: 280KB