7c58e3b8bcf365c8ab8a016b589af0a9

Sharing

Copy URL Twitter E-mail

General

Target

7c58e3b8bcf365c8ab8a016b589af0a9
Size

547KB
MD5

7c58e3b8bcf365c8ab8a016b589af0a9
SHA1

c1a8c605ae02493a866b096b1f891bc4528754eb
SHA256

109d27d192ac3b9363f97fc82948590141f33cb4ab5e6b0b144bec09b49e64ee
SHA512

dd40fa8c9708ffc66b59a8eeeb2369db93fbfb1e956fa0bbfb59da793aec5dda1987f8176ae8c202419db09c9f1079fbc7d091a433ffb0adfb00f779c724e0d3
SSDEEP

12288:8Ud06l3UOFJdBFehoo5QqIOXf7Yi+X+kd+Wy9e3scxsynw:8UdJU4nFe55lZjYu4+D9yL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c58e3b8bcf365c8ab8a016b589af0a9

Files

7c58e3b8bcf365c8ab8a016b589af0a9
.exe windows:4 windows x86 arch:x86

8f81f68b752696b34ddd837645a479dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
AbortSystemShutdownA
CryptSignHashW
RegSetValueExW
CryptExportKey
RegCreateKeyExA

user32

SetThreadDesktop
GetClipboardData
ScreenToClient
GetScrollPos
GetKeyboardLayoutNameA
LoadStringA
GetClassLongW
GetSystemMenu
GetDC
GetNextDlgGroupItem
SendNotifyMessageA
GetCursorInfo
WindowFromDC
DlgDirSelectComboBoxExA
DispatchMessageW
SetDlgItemInt
EnableWindow
ChangeDisplaySettingsExA
MonitorFromWindow
wvsprintfA
LoadBitmapA
RegisterClassA
GetWindowDC
GetDesktopWindow
RegisterClassExA
GetScrollBarInfo
GetClipboardSequenceNumber

kernel32

SetLastError
SetLocaleInfoA
GetCurrentThreadId
GetVersionExA
HeapAlloc
GetTempFileNameW
FindResourceW
WriteFile
CreateMutexA
CreateFileMappingA
LocalCompact
EnumSystemLocalesA
HeapFree
SetConsoleTitleA
IsValidLocale
GetTickCount
GetNamedPipeHandleStateW
IsBadWritePtr
GetDateFormatA
GetModuleHandleA
LeaveCriticalSection
TerminateThread
VirtualQueryEx
WaitForMultipleObjectsEx
InterlockedDecrement
ReadFile
GetCurrentProcessId
GetSystemInfo
HeapCreate
GetEnvironmentStringsW
LCMapStringA
GetStartupInfoA
GetModuleFileNameA
TlsFree
InitializeCriticalSection
GetEnvironmentStrings
DeleteCriticalSection
ExitProcess
DebugBreak
SetHandleCount
VirtualQuery
EnumCalendarInfoExA
TlsAlloc
GetFileType
TerminateProcess
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLastError
VirtualProtect
FreeEnvironmentStringsA
GetOEMCP
GetStringTypeA
GetNamedPipeInfo
GetLocaleInfoW
EnterCriticalSection
UnhandledExceptionFilter
LoadLibraryA
TlsGetValue
VirtualFree
lstrlenW
LCMapStringW
OpenMutexA
FlushFileBuffers
GetModuleFileNameW
GetProfileStringA
GetLocaleInfoA
GetACP
InterlockedIncrement
SetConsoleMode
IsValidCodePage
GetStringTypeW
QueryPerformanceCounter
GetCommandLineW
GetUserDefaultLCID
GetProcAddress
GetCurrentProcess
InterlockedExchange
WideCharToMultiByte
CompareStringW
CloseHandle
FreeEnvironmentStringsW
GetCPInfo
SetEnvironmentVariableA
HeapReAlloc
lstrcatA
GetTimeFormatA
GetCommandLineA
HeapValidate
SetConsoleCtrlHandler
VirtualAlloc
GetStartupInfoW
SetStdHandle
SetFilePointer
GetPrivateProfileIntW
TlsSetValue
IsBadReadPtr
RtlUnwind
MultiByteToWideChar
GetStdHandle
CompareStringA
GetCurrentThread
OutputDebugStringA
HeapDestroy

comctl32

InitCommonControlsEx

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f81f68b752696b34ddd837645a479dd

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 215KB - Virtual size: 214KB

.rdata Size: 12KB - Virtual size: 43KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 215KB - Virtual size: 214KB

.rdata
Size: 12KB - Virtual size: 43KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 6KB - Virtual size: 6KB