7d2197c4cedf3c71e62ef74af9bab06f

Sharing

Copy URL

Twitter E-mail

General

Target

7d2197c4cedf3c71e62ef74af9bab06f
Size

800KB
MD5

7d2197c4cedf3c71e62ef74af9bab06f
SHA1

3c779b6211315e0b8616b8be2bb0523f4bd114f3
SHA256

0f646c26472d54e40f020d864b99f52df8615e9478d7d624b9ad87429657e7e3
SHA512

9461d67f4566bb8e7fa0d38ee96b1bb577b2168151b39bebc17ac6f29e197f7e66e017d93aa1e42ec55c454f78728d7b075a197d19e19338c0cd4f3396cfe2d2
SSDEEP

24576:7CBkRP7IqxvyDgfmTJ8tGVGZwaFrJA0SG7XOLke6oE:7CgDIQy8f8VKwaFrJA0Sbwe7E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d2197c4cedf3c71e62ef74af9bab06f

Files

7d2197c4cedf3c71e62ef74af9bab06f
.exe windows:4 windows x86 arch:x86

501eac0c2537776f4897282cc7a8e9bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\ovaa.pdb

Imports

comctl32

InitMUILanguage
CreateUpDownControl
MakeDragList
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_Remove
CreateToolbar
DrawInsert
InitCommonControlsEx
CreateMappedBitmap
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_EndDrag
GetEffectiveClientRect

kernel32

ReadConsoleInputA
GetSystemInfo
SetThreadPriority
IsValidCodePage
lstrcatA
FreeEnvironmentStringsA
WriteConsoleInputA
SetConsoleTextAttribute
TlsGetValue
GetLocaleInfoW
GetFileTime
HeapDestroy
ExitThread
MapViewOfFileEx
GetPrivateProfileSectionW
GetStartupInfoW
DeleteFiber
GetSystemDefaultLangID
SetConsoleWindowInfo
GetDriveTypeA
HeapAlloc
GetModuleHandleA
MultiByteToWideChar
GetEnvironmentStringsW
WriteFile
LocalFlags
OutputDebugStringA
EnumDateFormatsW
EnumSystemCodePagesA
lstrlenW
InitializeCriticalSection
CreateMailslotW
SetStdHandle
CompareStringW
FormatMessageA
WriteProfileStringW
DeleteCriticalSection
GetTimeFormatA
SetLastError
TlsAlloc
GetDateFormatA
GetEnvironmentStrings
FindAtomW
GetFileType
lstrlen
WideCharToMultiByte
GetModuleFileNameA
VirtualProtect
CompareStringA
GetLastError
FindNextFileA
SetComputerNameA
GetTimeZoneInformation
GlobalUnfix
SetFilePointer
CreateSemaphoreA
GetCurrentDirectoryA
GetCurrentProcess
CreateNamedPipeW
HeapReAlloc
HeapCreate
GlobalAddAtomA
GetStringTypeW
DebugActiveProcess
HeapFree
GetFileAttributesA
GetConsoleOutputCP
GetUserDefaultLCID
GetProcAddress
GlobalFindAtomA
LCMapStringW
GetCurrencyFormatW
DebugBreak
RemoveDirectoryW
GetCurrentThread
SetHandleCount
GetCompressedFileSizeW
GetNamedPipeHandleStateA
GetOEMCP
ReleaseSemaphore
GetStringTypeExA
GetProcessShutdownParameters
GetCPInfo
FreeEnvironmentStringsW
TlsSetValue
GetCurrentThreadId
ExitProcess
HeapValidate
IsBadReadPtr
GetCommandLineW
GetProcessAffinityMask
LCMapStringA
VirtualQuery
LoadLibraryA
TlsFree
GetSystemDirectoryW
LeaveCriticalSection
VirtualAlloc
GetACP
IsBadWritePtr
OpenMutexA
GetLocaleInfoA
GlobalSize
GetThreadPriority
ReadFile
GlobalFlags
GetThreadContext
RtlUnwind
EnterCriticalSection
LocalLock
GetTickCount
GetProcAddress
GetSystemTimeAsFileTime
GetStartupInfoA
LoadLibraryExW
IsValidLocale
QueryPerformanceCounter
FlushFileBuffers
SetConsoleCursorPosition
WriteProfileStringA
SetEnvironmentVariableA
GetNamedPipeHandleStateW
InterlockedIncrement
lstrcpyA
GetCalendarInfoA
MoveFileW
EnumDateFormatsExA
CreateMutexA
CloseHandle
GetStringTypeA
ConvertDefaultLocale
lstrcmpW
CreateEventW
InterlockedDecrement
WaitNamedPipeW
TerminateProcess
WritePrivateProfileStringW
GetStdHandle
VirtualFree
WritePrivateProfileStructA
UnhandledExceptionFilter
GetVersionExA
GetCommandLineA
SetConsoleCtrlHandler
EnumSystemLocalesA
GetCurrentProcessId
InterlockedExchange
GetComputerNameA
FileTimeToLocalFileTime
GetModuleFileNameW
GetProfileSectionA
InterlockedCompareExchange

gdi32

GetMapMode
GetObjectA
GetObjectType
GetDeviceCaps
SelectObject
EnumObjects
DeleteDC
GetPath
CreateDCW
LineTo
RestoreDC

user32

PostThreadMessageW
IsZoomed
CharUpperBuffW
ModifyMenuA
TileWindows
FindWindowExA
CharNextA
GetMessageW
GrayStringA
SetDebugErrorLevel
DefWindowProcW
CharNextExA
FindWindowExW
CharLowerW
SendMessageW
SetScrollRange
GetWindowThreadProcessId
SetWindowPos
RemovePropW
EnumChildWindows
PeekMessageA
GetMenuCheckMarkDimensions
OemToCharBuffA
EndPaint
IsCharUpperA
DispatchMessageA
OemToCharBuffW
GetClipboardFormatNameW
SetMenuItemInfoA
wsprintfW
GetKeyboardLayoutList
AdjustWindowRect
GetKeyboardLayout
MapVirtualKeyExA
GetTabbedTextExtentA
VkKeyScanA
SwitchToThisWindow
GetDC
ChangeMenuW
LoadCursorA
EndMenu
FindWindowA
RegisterClassExA
IsCharLowerA
EnumPropsExW
SetRectEmpty
SetCaretPos
DdeInitializeA
GetWindowRgn
CreateDialogIndirectParamW
DdeQueryStringW
SetUserObjectSecurity
RegisterClassA
DeferWindowPos
CreateDesktopW
CharToOemBuffA
TranslateMDISysAccel
EnumDisplayDevicesA
TabbedTextOutA
ToAscii
ReleaseCapture
GetTitleBarInfo
SetMenuItemInfoW
CallMsgFilter

comdlg32

GetOpenFileNameA

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

501eac0c2537776f4897282cc7a8e9bf

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

gdi32

user32

comdlg32

Sections

.text Size: 212KB - Virtual size: 209KB

.rdata Size: 404KB - Virtual size: 402KB

.data Size: 140KB - Virtual size: 136KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 212KB - Virtual size: 209KB

.rdata
Size: 404KB - Virtual size: 402KB

.data
Size: 140KB - Virtual size: 136KB

.rsrc
Size: 40KB - Virtual size: 36KB