Static task: static1
Behavioral task: behavioral1
Sample: 7d558c3646240e1d11947c0704b5b189.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7d558c3646240e1d11947c0704b5b189.exe
Resource: win10v2004-20231215-en
General
Target: 7d558c3646240e1d11947c0704b5b189
Size: 82KB
MD5: 7d558c3646240e1d11947c0704b5b189
SHA1: 9298211214274cb6505ee05cc9f02a33c50ffe56
SHA256: 9eac0d0a24a49916a52cbf4ed47941f805dd648bcb41f0a9ad09d1a9a8717258
SHA512: 1f2c220ca8b7590c5345d9cbc33151e2ca92fbc2b7dce6ae2303ff3d1fdb1fa50996595ccf3c6488e3e9f439fa01948c4083e8c2156c9fa366ff7ea109e9555a
SSDEEP: 1536:S1DRGkqdM+ieh22Yr6i/9IFSGYLcHlfsCXaXzJHbl7WWsSuhUv1og5z9lyhr:M/YhRi/6FSfcHlECqXzJRsFo9Qh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7d558c3646240e1d11947c0704b5b189
Files
7d558c3646240e1d11947c0704b5b189.exe windows:5 windows x86 arch:x86
d8f7b2008e6300f0f9f45a7f7fbf5316
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
FrameRect
GetSysColor
GetSysColorBrush
SetWindowTextA
GetMessageA
EnumWindows
UnhookWindowsHookEx
GetScrollPos
GetSubMenu
PostQuitMessage
EqualRect
EnableMenuItem
SetWindowPos
kernel32
InterlockedExchange
ExitProcess
FileTimeToSystemTime
GetTempPathA
QueryPerformanceCounter
VirtualAllocEx
GetSystemTime
GetTickCount
GetOEMCP
SetUnhandledExceptionFilter
GetStartupInfoA
GetTimeZoneInformation
RtlUnwind
GetFileAttributesA
GetThreadLocale
GetACP
GetCurrentProcessId
gdi32
SetViewportExtEx
SelectClipPath
CreateICW
GetMapMode
DPtoLP
CreateCompatibleBitmap
ExcludeClipRect
CopyEnhMetaFileA
FillRgn
ole32
CoInitialize
DoDragDrop
StgOpenStorage
OleRun
StringFromGUID2
CoCreateInstance
CoRevokeClassObject
CoTaskMemRealloc
CoInitializeSecurity
advapi32
RegCreateKeyA
GetSecurityDescriptorDacl
CheckTokenMembership
RegCreateKeyExW
RegQueryValueExW
FreeSid
QueryServiceStatus
AdjustTokenPrivileges
GetUserNameA
CryptHashData
msvcrt
__setusermatherr
_flsbuf
fflush
_CIpow
_lock
__getmainargs
__initenv
iswspace
_mbscmp
strlen
_fdopen
strncpy
fprintf
signal
_strdup
strcspn
puts
raise
comctl32
InitCommonControls
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_Destroy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Write
ImageList_GetBkColor
ImageList_DrawEx
shell32
DragQueryFileW
ShellExecuteW
ExtractIconW
SHBrowseForFolderA
ShellExecuteEx
CommandLineToArgvW
DoEnvironmentSubstW
DragQueryFileA
SHGetPathFromIDList
ExtractIconExW
DragAcceptFiles
oleaut32
VariantCopy
SafeArrayCreate
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE