7c790c9079b6e6aa7a7aa76c77892632

Sharing

Copy URL Twitter E-mail

General

Target

7c790c9079b6e6aa7a7aa76c77892632
Size

525KB
MD5

7c790c9079b6e6aa7a7aa76c77892632
SHA1

7e8ca699622d0a505bdb1109f3ac0a0ac95b6da2
SHA256

6e30fe373177d8266ed364fd4d41a1a585fb2c60649478a5bddb06367c4acf77
SHA512

c0ca04b5d542e1746e0d2480d0aaf94f9c45ea2d8adbc5c6b4e2fffb3e8480221c0743cd27ea798bd977f9a82bf479b8509275876d7fb9bc5dad2bea9fcb85f4
SSDEEP

12288:nupVyUdkXnSjFBpSNIFu4ADahtKjfrz1EA4:upVyUdkCjFE4ztKj31v4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c790c9079b6e6aa7a7aa76c77892632

Files

7c790c9079b6e6aa7a7aa76c77892632
.exe windows:4 windows x86 arch:x86

5f37f480dc3a6ed140211a5863430b53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\ajclkoze\sssaqofms\angnyko\geuwtrfro\cstoek.pdb

Imports

kernel32

CompareStringW
FreeLibrary
GetProcAddress
TlsGetValue
CreateMutexA
FreeEnvironmentStringsW
lstrcpy
GetConsoleMode
VirtualAlloc
GetTimeZoneInformation
GetLocaleInfoW
SetUnhandledExceptionFilter
GetOEMCP
IsDebuggerPresent
GetTimeFormatA
GetCurrentProcess
CreateRemoteThread
RemoveDirectoryA
TerminateProcess
HeapCreate
VirtualUnlock
SetFilePointer
WriteConsoleA
SetEvent
WriteFile
CloseHandle
GetCurrentThreadId
GetDateFormatA
ExitThread
CreateFileA
GetEnvironmentStrings
EnumSystemLocalesA
RtlUnwind
GetConsoleOutputCP
InterlockedIncrement
GetDiskFreeSpaceExW
GetEnvironmentStringsW
GetCPInfo
LoadLibraryA
SetFileAttributesA
HeapSize
WriteConsoleW
GetStringTypeA
GetCurrentProcessId
GetStringTypeExW
SetEnvironmentVariableA
SetHandleCount
EnumDateFormatsExA
GetStdHandle
GetModuleHandleA
GetModuleFileNameA
LCMapStringW
InterlockedDecrement
GetModuleHandleW
GetCommandLineA
MoveFileA
Sleep
InterlockedExchange
ExitProcess
InitializeCriticalSectionAndSpinCount
ReadConsoleOutputA
HeapDestroy
GetConsoleCP
SetLastError
UnhandledExceptionFilter
GetLocaleInfoA
CompareStringA
CreateDirectoryExA
OpenMutexA
GetStringTypeW
VirtualQuery
ReadConsoleOutputCharacterA
GetStartupInfoA
TlsAlloc
QueryPerformanceCounter
ReadFile
HeapAlloc
GetTickCount
LeaveCriticalSection
GetLastError
GetUserDefaultLCID
HeapFree
GetFileType
LCMapStringA
SetConsoleCtrlHandler
RtlZeroMemory
VirtualFree
GetACP
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentThread
TlsSetValue
SetStdHandle
WideCharToMultiByte
EnterCriticalSection
TlsFree
FlushFileBuffers
DeleteCriticalSection
IsValidLocale
IsValidCodePage
MultiByteToWideChar
HeapReAlloc

comctl32

InitCommonControlsEx

gdi32

GetEnhMetaFileBits
UpdateICMRegKeyA
GetICMProfileW
StartDocW
SetRectRgn
GetEnhMetaFileA
EnumICMProfilesA
PathToRegion
GetTextCharset
ArcTo
GetColorSpace
SetBkColor
EndPage
AbortPath
GetGlyphOutline
CreateRectRgnIndirect

user32

DlgDirListComboBoxW
CallWindowProcA
RegisterClassExA
GetGUIThreadInfo
DdeKeepStringHandle
EqualRect
MapVirtualKeyA
GetDlgCtrlID
TabbedTextOutW
EnumPropsW
SetFocus
SendIMEMessageExW
GetIconInfo
RegisterClassA

Sections

.text
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f37f480dc3a6ed140211a5863430b53

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 377KB - Virtual size: 376KB

.rdata Size: 20KB - Virtual size: 27KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 377KB - Virtual size: 376KB

.rdata
Size: 20KB - Virtual size: 27KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 20KB - Virtual size: 20KB