7c5f1ae8764e9dcd9d19ad40f8faa7ee

Sharing

Copy URL Twitter E-mail

General

Target

7c5f1ae8764e9dcd9d19ad40f8faa7ee
Size

640KB
MD5

7c5f1ae8764e9dcd9d19ad40f8faa7ee
SHA1

2d91a36ce868031b286324f674bc0a12c67cfec3
SHA256

9cb4f6dccbd7e04ef240d9ce0692a260d5a63a7da24a3712a4a63d8065a6af4e
SHA512

e6d0a981d3308244320a13f9a6bd03a73ff04989727c83558ca86dec15f4eee24f4b6c0e5144af7b982b64134a2733cfad6bfd0a9c9f3648cc59314dc670acf0
SSDEEP

12288:bgsOvvgZvf10DIIaii5LulisMJoGIrbBgmqcIUgc3/v9v:btkgZ10DzaiiQlXTGIHBgwII3/v9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c5f1ae8764e9dcd9d19ad40f8faa7ee

Files

7c5f1ae8764e9dcd9d19ad40f8faa7ee
.exe windows:4 windows x86 arch:x86

7fbf555cd869ad619e5339ce4e562a88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\kjvh\tiic\gqewd\hfe.pdb

Imports

shell32

SHGetFileInfoA
RealShellExecuteExA
SHFileOperationW

user32

CloseDesktop
DdeGetLastError
BlockInput
SetDeskWallpaper
GetSystemMenu
CharPrevExA
DdeImpersonateClient
GetClipboardOwner
IsDialogMessageA
GetMenuItemCount
DefWindowProcA
RemovePropW
GetNextDlgTabItem
GetScrollPos
SetDlgItemTextW
CharToOemBuffA
DrawIcon
ActivateKeyboardLayout
GetGuiResources
GetCursorPos
CreateIconFromResource
CreateWindowExW
GetKeyboardType
GetMenuItemRect
DestroyCursor
GetForegroundWindow
IsIconic
ShowWindow
CharToOemW
CloseWindowStation
RegisterClassA
GetWindowModuleFileNameW
DrawAnimatedRects
MessageBoxA
CallMsgFilterA
DestroyWindow
CharLowerBuffA
GetClassNameW
CharToOemA
TabbedTextOutA
UnhookWinEvent
RegisterClassExA
IntersectRect
FindWindowW
IsCharUpperW
TileWindows
InsertMenuItemA
ValidateRgn
OpenIcon
GetClipboardFormatNameA
EnableWindow
GetMonitorInfoA
DdeGetData
ChangeDisplaySettingsExA
SetMenuDefaultItem
AdjustWindowRect

comctl32

ImageList_SetBkColor
ImageList_GetDragImage
ImageList_Remove
CreateUpDownControl
ImageList_SetFilter
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_GetIconSize
CreateStatusWindowW
ImageList_DragMove
DrawStatusText
DrawStatusTextA
ImageList_Draw
ImageList_EndDrag
ImageList_Merge
ImageList_Create
ImageList_DrawIndirect
MakeDragList
DrawInsert
ImageList_DragShowNolock
ImageList_GetImageRect
InitCommonControlsEx
ImageList_AddMasked

wininet

InternetGoOnline
GopherFindFirstFileW
InternetCloseHandle
SetUrlCacheConfigInfoW

kernel32

UnhandledExceptionFilter
CompareStringA
GetLocaleInfoW
GetOEMCP
GlobalFindAtomW
GetCurrentProcessId
HeapReAlloc
GetModuleHandleA
FreeLibrary
FindAtomA
LCMapStringW
GetTickCount
Sleep
FlushInstructionCache
GetModuleFileNameA
GetCurrentThreadId
AddAtomW
lstrcmp
GetCommandLineW
SetConsoleActiveScreenBuffer
CloseHandle
WriteConsoleA
HeapDestroy
CopyFileA
GetUserDefaultLangID
GetFileAttributesA
GetModuleFileNameW
FindFirstFileA
TransmitCommChar
IsDebuggerPresent
InterlockedDecrement
TerminateProcess
WideCharToMultiByte
GetFileType
VirtualAlloc
SetFilePointer
GetLocaleInfoA
GetEnvironmentStrings
GetTimeFormatA
HeapFree
CreateFileA
LoadLibraryW
SetEnvironmentVariableA
TlsFree
CreateMailslotA
SetConsoleCursorPosition
FreeEnvironmentStringsW
GetCommandLineA
GetTimeZoneInformation
IsValidLocale
ConvertDefaultLocale
GetConsoleMode
GetCompressedFileSizeA
VirtualQuery
GetCurrentProcess
MultiByteToWideChar
SetFileAttributesW
GetFileAttributesExA
RtlUnwind
CreateMutexA
GetPrivateProfileSectionA
GlobalCompact
GetMailslotInfo
GetEnvironmentStringsA
GlobalLock
FlushFileBuffers
GetCurrentThread
CreateDirectoryExW
GlobalSize
ExitProcess
GetVersionExA
GetStartupInfoW
GlobalReAlloc
GetNamedPipeInfo
CopyFileExA
GetLastError
LockFile
GetDateFormatA
SetThreadContext
LCMapStringA
DeleteAtom
GetSystemDefaultLCID
FileTimeToDosDateTime
GetStringTypeW
HeapCreate
WriteFile
OpenMutexA
SleepEx
CreateWaitableTimerA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetSystemDirectoryA
TlsGetValue
GetSystemTimeAsFileTime
WriteConsoleInputW
LoadLibraryA
GetSystemDefaultLangID
GetLogicalDriveStringsW
EnumResourceNamesW
SetStdHandle
WaitNamedPipeW
VirtualProtect
EnumSystemLocalesA
IsValidCodePage
FindFirstFileW
SetFileTime
SetLastError
ReadFile
SetHandleCount
EnumResourceTypesA
InterlockedIncrement
LeaveCriticalSection
GetStartupInfoA
GetStringTypeA
CompareStringW
GetCPInfo
FindAtomW
GetACP
FoldStringA
SetThreadPriority
FlushConsoleInputBuffer
OpenEventW
GlobalFindAtomA
WriteProfileSectionW
DebugActiveProcess
GetEnvironmentStringsW
GetProcAddress
HeapSize
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
SetConsoleCtrlHandler
TlsAlloc
GetConsoleCP
VirtualFree
QueryPerformanceCounter
SetConsoleScreenBufferSize
GetUserDefaultLCID
IsBadReadPtr
CreateFileMappingW
FreeEnvironmentStringsA
GetConsoleOutputCP
SetUnhandledExceptionFilter
DosDateTimeToFileTime
EnterCriticalSection
GetStdHandle
InterlockedExchange
SetVolumeLabelA
TlsSetValue
HeapAlloc

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fbf555cd869ad619e5339ce4e562a88

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

comctl32

wininet

kernel32

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 120KB - Virtual size: 129KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 120KB - Virtual size: 129KB

.rsrc
Size: 36KB - Virtual size: 34KB