7d2e0283334ca527fdd2ee9a70729211

Sharing

Copy URL Twitter E-mail

General

Target

7d2e0283334ca527fdd2ee9a70729211
Size

190KB
MD5

7d2e0283334ca527fdd2ee9a70729211
SHA1

0a61cdc5cc3a80b966d8529bef79a4203739447d
SHA256

4cf959619f3bd0b5bb151778d1610789b38c1fe86c5568d3ab6c0d35f4a5e6d6
SHA512

d4e1ad33841c432e5364c5f88bb27382543677ab2ea664039447785bfc4c33971504b8ee764541b328fdca8d4e1849d9fa3b3c08cd81954865917376707112ad
SSDEEP

3072:cJ8DzegNsVe0ziQl3MQ5VT4qVT4AGqjEDgjqm3kr1y2TK54SBGyAiwCiidABv4TT:XQVe0ziQVNZVbGNDgR0r1hTK54uAird5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d2e0283334ca527fdd2ee9a70729211

Files

7d2e0283334ca527fdd2ee9a70729211
.exe windows:4 windows x86 arch:x86

60ebf7ade28545f057450b8c51d2f862

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathAppendW

kernel32

GetLocaleInfoW
InterlockedDecrement
GetCalendarInfoW
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
FindClose
GetCurrentDirectoryW
DeleteFileW
GetSystemDefaultLangID
ReadFile
lstrcpyW
ConvertDefaultLocale
FindFirstFileW
LocalFileTimeToFileTime
GetCurrentProcessId
LoadLibraryW
MoveFileW
SetFileTime
EnumResourceNamesA
EnumResourceLanguagesW
ExitProcess
CreateDirectoryW
WriteFile
GetModuleFileNameW
FindNextFileW
GetFileAttributesW
CreateFileW
RemoveDirectoryW
SystemTimeToFileTime
GetVersion
GetProcAddress

advapi32

RegQueryValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

OleFlushClipboard
CoGetClassObject
CoInitialize
CoFreeUnusedLibraries
CoRetireServer
CoCreateInstance
CoUninitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoTaskMemAlloc
OleUninitialize
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoTaskMemFree
OleInitialize
CLSIDFromProgID
OleIsCurrentClipboard
CLSIDFromString

user32

InvalidateRect
GetClassLongW
GetClassInfoExW
GetNextDlgGroupItem
CopyAcceleratorTableW
GetNextDlgTabItem
SendDlgItemMessageA
InvalidateRgn
RegisterWindowMessageW
SetRect
CreateWindowExW
IsRectEmpty
WinHelpW
MessageBeep
RemovePropW
GetPropW
CharNextW
CharUpperW
SetPropW
DestroyMenu

gdi32

GetTextColor
ExtSelectClipRgn
ScaleWindowExtEx
ScaleViewportExtEx
DeleteDC
GetStockObject
SetWindowExtEx
RectVisible
GetDeviceCaps
SetViewportOrgEx
GetMapMode
SelectObject
Escape
PtVisible
ExtTextOutW
TextOutW
OffsetViewportOrgEx
GetBkColor
GetRgnBox

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60ebf7ade28545f057450b8c51d2f862

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

shell32

oleacc

ole32

user32

gdi32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 68KB