7cf655db3371677630542df3e0f753d7

Sharing

Copy URL Twitter E-mail

General

Target

7cf655db3371677630542df3e0f753d7
Size

185KB
MD5

7cf655db3371677630542df3e0f753d7
SHA1

f8e2f1bfb514379b2ff8667b05a1f23f37514448
SHA256

03f831e2ec2c9df4b05392060784d5b18b8a70f10785d8813d5b7be62a820779
SHA512

eacc3911c84134858e8fc6152582a2c6dd49923de2449d786eeefd3dd17783c1304e4a048e47ba5ff624206cc6e19bf50363a5ec791271b99340cbbd7e922829
SSDEEP

3072:WKjuTdyydVN8JKtu/zS1kTSGnp4ejslm3m7xeHDM+VHGOlBd4ErFfSQm4:WtFdcJKtubcGnp5okmI9GOlBSErFfS94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cf655db3371677630542df3e0f753d7

Files

7cf655db3371677630542df3e0f753d7
.exe windows:4 windows x86 arch:x86

3b728abbd8a580d62834f3d101bef365

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
CryptAcquireContextA
CryptImportKey
RegEnumKeyExA
RegOpenKeyExA
CryptDestroyHash
RegCloseKey
CryptHashData
CryptReleaseContext
RegQueryValueExA
RegEnumValueA
CryptDestroyKey
CryptCreateHash
CryptGetHashParam
CryptEncrypt
RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

kernel32

LocalAlloc
UnmapViewOfFile
GetLongPathNameW
CreateFileA
WideCharToMultiByte
GlobalAlloc
Sleep
GetProcessId
GlobalFree
ReadFile
LocalFree
GetFileSize
GetTickCount
EnumResourceTypesA
CreateFileMappingA
SetFilePointer
GetFileAttributesA
MapViewOfFile
GlobalSize
DisableThreadLibraryCalls
WriteFile
CreateFileW
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetFocus
wvsprintfA
GetClassInfoExA
SetWindowTextA
FillRect
DestroyWindow
SetTimer
wsprintfA
GetFocus
SetCapture
EndPaint
PostThreadMessageA
MoveWindow
IsWindow
PostMessageA
DestroyAcceleratorTable
ReleaseCapture
DefWindowProcA
ShowWindow
SetRect
CreateDialogParamA
SetWindowLongA
CallWindowProcA
GetClientRect
SendMessageTimeoutA
BeginPaint
GetParent
GetDesktopWindow
CopyRect
GetWindowTextLengthA
MsgWaitForMultipleObjects
DrawTextA
RedrawWindow
GetDC
GetWindowRect
LoadCursorA
InvalidateRect
GetClassNameA
GetSysColor
CharNextA
SetParent
GetWindowTextA
RegisterWindowMessageA
SendNotifyMessageA
SendMessageA
EqualRect
InvalidateRgn
DispatchMessageA
FindWindowA
KillTimer
IsChild
GetWindowLongA
ReleaseDC
GetWindow
EnumDisplayDevicesA
UnregisterClassA
PeekMessageA
GetQueueStatus
CreateWindowExA
RegisterClassExA
GetDlgItem
CreateAcceleratorTableA
GetActiveWindow
SetWindowPos

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdiplus

GdipDisposeImage
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipAlloc
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

ole32

CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
GetRunningObjectTable
CoInitialize
StgCreateDocfile
CoCreateInstance
CreateItemMoniker
CoTaskMemRealloc
CoInitializeSecurity
CoSetProxyBlanket
StgIsStorageFile
BindMoniker
OleUninitialize
StgOpenStorage
OleInitialize
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoGetClassObject
CoTaskMemFree
CreateBindCtx
CLSIDFromString

gdi32

CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
RealizePalette
GetStockObject
GetDIBits
SetStretchBltMode
ExtEscape
GetObjectA
DeleteObject
GetDeviceCaps
BitBlt
CreateDIBSection
CreateDIBitmap
CreateSolidBrush
StretchDIBits
CreateFontA
SelectObject
SelectPalette
SetBkMode

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b728abbd8a580d62834f3d101bef365

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

shell32

user32

version

wininet

setupapi

gdiplus

ole32

gdi32

winmm

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 368KB