7c990fcf8f1a86a93ed7fbe3febb547c

Sharing

Copy URL Twitter E-mail

General

Target

7c990fcf8f1a86a93ed7fbe3febb547c
Size

288KB
MD5

7c990fcf8f1a86a93ed7fbe3febb547c
SHA1

b0edc3dd607455248cfc99213f820657317504ea
SHA256

97fac3698cc2d3d96057803565d8a673957c0d95134cee50b989777338553d4e
SHA512

f09dad43a0aef9480140bba5ff87b30129e13602861814a4e676433f16404a6ee5e9b050333dcba835006fb57780b8785aede1b2774e1cff3f3628426f92648f
SSDEEP

6144:+AEpP/pn1u1yYRHDzV8lLipbSAFgj4pNPTxatjuF3VH:+A8YtDzGl4bvPFh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c990fcf8f1a86a93ed7fbe3febb547c

Files

7c990fcf8f1a86a93ed7fbe3febb547c
.exe windows:4 windows x86 arch:x86

a4c27d082ce2d2dc40e54012b5cdad07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\NRQHBOKL\VERBNKS\KDYTERCWMK\HEBTCUITZ.PDB

Imports

comctl32

ImageList_Add
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_LoadImage
DestroyPropertySheetPage
ImageList_SetBkColor
ImageList_SetFilter
ImageList_ReplaceIcon
ImageList_BeginDrag
GetEffectiveClientRect
ImageList_Remove
DrawStatusTextA
ImageList_Write
ImageList_GetBkColor
DrawInsert
CreatePropertySheetPageA
ImageList_Draw
ImageList_GetImageInfo
ImageList_SetOverlayImage
CreateMappedBitmap
ImageList_DragLeave
ImageList_Create
CreatePropertySheetPage

user32

ChangeClipboardChain
DialogBoxParamA
SetCursorPos
CreateDialogIndirectParamW
RegisterClassA
DeferWindowPos
ShowWindow
EnableMenuItem
CreateMDIWindowW
DragObject
SetWindowsHookExA
RegisterClassExA
TabbedTextOutA
CreatePopupMenu
SendNotifyMessageA
GetSysColorBrush
GetThreadDesktop
GetWindowLongW
MonitorFromRect
DdeDisconnect
GetActiveWindow
EnumPropsA
GetSubMenu
SetShellWindow
DestroyWindow
LoadImageA
EnumDesktopWindows
SetWindowWord
ReleaseCapture
DdeConnectList
OemKeyScan
MessageBoxA
GetMenuBarInfo
SetPropW
UnregisterDeviceNotification
SetMenuItemInfoA
DdeNameService
GetFocus
SetCapture
GetClipboardFormatNameA
RemovePropA
SetCursor
GetUpdateRgn
GetCaretPos
SetFocus
CharUpperA
SetWindowsHookExW
CreateWindowExA
DialogBoxParamW
GetCursorInfo
EnumDisplayDevicesA
ShowCursor
CreateWindowExW
HideCaret
SetMenuItemInfoW
UnloadKeyboardLayout
DdeClientTransaction
InvalidateRect
DefWindowProcW
PostThreadMessageW

kernel32

HeapFree
GetCurrentProcessId
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
GetPrivateProfileStructA
GetModuleHandleA
FileTimeToLocalFileTime
GetCurrentThread
GetSystemTime
GetStartupInfoA
GetEnvironmentStrings
SetHandleCount
GetLocalTime
VirtualAlloc
GetProcAddress
GetCurrentThreadId
ExitProcess
WriteFile
GetCurrentProcess
GetFileType
FlushFileBuffers
GetSystemTimeAsFileTime
GetStringTypeW
VirtualFree
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
VirtualQuery
TerminateProcess
RtlUnwind
HeapAlloc
LCMapStringA
SetLastError
OpenEventW
OpenMutexA
TlsAlloc
HeapReAlloc
GetCPInfo
DeleteCriticalSection
GetCommandLineW
FreeEnvironmentStringsA
CloseHandle
GetStdHandle
GetModuleFileNameA
EnterCriticalSection
SetStdHandle
GetVersion
LeaveCriticalSection
EnumDateFormatsExW
SetFilePointer
FreeEnvironmentStringsW
LoadLibraryA
QueryPerformanceCounter
GetTimeZoneInformation
IsBadWritePtr
LCMapStringW
GetLastError
GetCommandLineA
SetEnvironmentVariableA
GetStringTypeA
InterlockedExchange
TlsFree
InterlockedDecrement
InterlockedIncrement
CompareStringA
InitializeCriticalSection
GetModuleFileNameW
ReadFile
HeapCreate
CreateMutexA
GetVersionExA
GetStartupInfoW
GetEnvironmentStringsW
HeapDestroy
SleepEx
GetTempPathW
GetTickCount

shell32

RealShellExecuteW
ExtractIconEx
DragQueryFileW

advapi32

CryptHashData
CryptDuplicateKey
ReportEventA
RegSetKeySecurity
RegReplaceKeyA
RegNotifyChangeKeyValue
AbortSystemShutdownW
RevertToSelf

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4c27d082ce2d2dc40e54012b5cdad07

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

shell32

advapi32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 84KB - Virtual size: 106KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 84KB - Virtual size: 106KB

.rsrc
Size: 40KB - Virtual size: 36KB