7c6a22dfd7c5e0ee92190fcd3045621a

General

Target

7c6a22dfd7c5e0ee92190fcd3045621a
Size

171KB
MD5

7c6a22dfd7c5e0ee92190fcd3045621a
SHA1

927f62f435b68875da3bd70473791c819a531f36
SHA256

71e288651bec04a13648450fa79225513546b1bafb469a9fc4e56d52d66389fc
SHA512

dd676a8e3a301748c0f10c93bc0b3699ce2aa6bcdc7cb1020af6a8d164149c1a596794b8c3363f555cc57671d1ebfc12ee68e2b8527a5bec9834ba6a275b0572
SSDEEP

3072:n9/5ddf5LITXp1jAhACSMtYWs/XgVVO86/gMmrHUXw:n9/5DwlAh7SMmWs/O086/lyHp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c6a22dfd7c5e0ee92190fcd3045621a

Files

7c6a22dfd7c5e0ee92190fcd3045621a
.exe windows:5 windows x86 arch:x86

632d557784c3e3abbb1c3cea4a939b15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\xtjt\qowadtd\BgxQzh.pdb

Imports

gdi32

CreatePenIndirect
SetTextAlign
TranslateCharsetInfo
CreatePen
GetRgnBox
SetBrushOrgEx
GetLayout
CreateHatchBrush

user32

GetClassLongA
MenuItemFromPoint
GetKeyState
FillRect
WindowFromPoint
GetKeyboardType
GetClassInfoA
GetMenu
InsertMenuA
GetWindow
InSendMessageEx
CharLowerW
LoadCursorW

comdlg32

PrintDlgExW
GetFileTitleW

kernel32

GetTimeZoneInformation
OpenFile
GetThreadLocale
LoadLibraryA
GetModuleHandleW
ResetEvent
GlobalFlags
GetTickCount
GetVersionExA
GetModuleHandleA
CloseHandle
lstrcmpiW
GetProcAddress
GetVersion
SizeofResource
CreateEventW

Exports

Exports

?igiwdel@@YGXI@Z
?JBBpOuIb@@YGFG_N@Z
?OOgalnugortzXc@@YGHPANH@Z
?ykskvJszBjcqvuuvufxnxr@@YGPAFF@Z
?hyqssCaxtqmqe@@YGPADFPAK@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

632d557784c3e3abbb1c3cea4a939b15

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 82KB

.edata Size: 512B - Virtual size: 233B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 144KB - Virtual size: 144KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 82KB

.edata
Size: 512B - Virtual size: 233B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 144KB - Virtual size: 144KB

.reloc
Size: 2KB - Virtual size: 2KB