7c9392ad447d9dac215d91589dd83fc4

Sharing

Copy URL Twitter E-mail

General

Target

7c9392ad447d9dac215d91589dd83fc4
Size

247KB
MD5

7c9392ad447d9dac215d91589dd83fc4
SHA1

4672a1ad811448bb0dc9b3d259d3c028f422b6cd
SHA256

c65f060a4fff19d369c9a5367674aa8ba48eae62bd5ea8a217ad64fa74825186
SHA512

9b8d3088a11f11b57933e62f828fd20de532cc84011e82465dd9b427ff259075477a3fa53df2f646eecd03539a1ecfab6feea419d692aac16a4fab10091de585
SSDEEP

3072:lcWzA2JEmufGSL758E2NL2qdFJ8ybulknU1nRSDRz/UZTQJKMh9tmuWj6pxtIiSy:5kc+GSviVn8QulB1nRwaQJKdjsxtTS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c9392ad447d9dac215d91589dd83fc4

Files

7c9392ad447d9dac215d91589dd83fc4
.exe windows:4 windows x86 arch:x86

06b8f8b2dfe2590d6e1440612f3053d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
IsValidCodePage
LocalCompact
CompareStringA
GetVersionExA
FreeEnvironmentStringsA
HeapAlloc
LoadLibraryA
GetCommandLineA
VirtualFree
CompareStringW
WriteProfileSectionW
EnumSystemLocalesA
GetFileType
InterlockedExchange
TlsGetValue
GetEnvironmentStrings
HeapSize
InitializeCriticalSection
DeleteCriticalSection
GetStringTypeA
GetOEMCP
IsBadWritePtr
GetStartupInfoA
LoadResource
LCMapStringW
GetTimeZoneInformation
HeapDestroy
GetProcAddress
GetACP
HeapCreate
HeapFree
GetPrivateProfileStringA
GetLocaleInfoW
GetDateFormatW
LeaveCriticalSection
VirtualQuery
UnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
SetEnvironmentVariableA
GetCPInfo
GetUserDefaultLCID
HeapReAlloc
TlsSetValue
ExitProcess
FreeEnvironmentStringsW
EnterCriticalSection
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
TlsAlloc
GetModuleHandleA
GetSystemInfo
SetHandleCount
SetLastError
GetCurrentThreadId
WriteFile
IsValidLocale
GetLocaleInfoA
GetTimeFormatA
GetCurrentProcessId
GetModuleFileNameA
TlsFree
GetLastError
GetStdHandle
GetTickCount
LCMapStringA
GetCurrentThread
GetStringTypeW
GetSystemTimeAsFileTime
VirtualProtect
RtlUnwind

advapi32

CryptEnumProvidersW
CryptGenRandom
RegDeleteKeyA
GetUserNameW
RegOpenKeyW
CryptVerifySignatureA
CryptContextAddRef
LookupAccountNameW
RegQueryMultipleValuesW
StartServiceA
RegReplaceKeyW
RegConnectRegistryW
CryptDuplicateKey
RegQueryValueA

gdi32

SetViewportExtEx
GetCharWidth32A
PolylineTo
PathToRegion
CheckColorsInGamut
CreateMetaFileA
GetEnhMetaFileDescriptionW
MaskBlt
CopyEnhMetaFileW
DeviceCapabilitiesExA
SetMapMode
GetCharABCWidthsW
SetMetaRgn
PolyTextOutW

comdlg32

GetFileTitleA
PrintDlgA
ReplaceTextW
ChooseColorA
ChooseFontA
GetFileTitleW
FindTextA
ChooseFontW
PageSetupDlgA

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06b8f8b2dfe2590d6e1440612f3053d4

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 134KB - Virtual size: 161KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 134KB - Virtual size: 161KB

.rsrc
Size: 9KB - Virtual size: 9KB