7d7b8c44a4513cee0b953027081e8ab6

Sharing

Copy URL Twitter E-mail

General

Target

7d7b8c44a4513cee0b953027081e8ab6
Size

756KB
MD5

7d7b8c44a4513cee0b953027081e8ab6
SHA1

dc98dc51eb34b7162234a086a07589f2688d0c1a
SHA256

67be662e0932a012baccf25e0617d7955ac79ce3716828ca8e1d75276ae6bf85
SHA512

fab84e0002f808a0906bb546308812caa90c9a72fc6f03a980858877c75ba996a3144ea9081923f0e32694db0691a1ac1558cc949c626380834477081952c27c
SSDEEP

12288:0LiT5W3YIlmuE/tkKbDVqKa0iLOgQM9TrqohxNWSkBJV+HFTlU0ED+3mG7zEmqU8:VpTXVliLOSTrqo/NUVme06+3mG7zEmqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d7b8c44a4513cee0b953027081e8ab6

Files

7d7b8c44a4513cee0b953027081e8ab6
.exe windows:4 windows x86 arch:x86

b5c9f410a2e00d0c11d50318eb78af14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\knjej\eoewn\

Imports

user32

GetClipboardFormatNameA
CreateWindowExA
GetUserObjectInformationW
GetKBCodePage
EndTask
MessageBoxA
DdeDisconnectList
ShowWindow
DdeUninitialize
VkKeyScanA
SendMessageW
IsCharLowerW
IsDlgButtonChecked
GetComboBoxInfo
CreateDialogIndirectParamW
RegisterClassExA
CascadeChildWindows
WinHelpA
DefWindowProcW
SetDlgItemTextA
EnumChildWindows
EnableWindow
LoadStringW
InvalidateRgn
CreateIconFromResource
DdeCreateStringHandleW
SetFocus
EndDialog
GetWindowTextA
FindWindowExW
RegisterClassA
DestroyWindow
MapVirtualKeyExW
SetSystemCursor
EndPaint
GetQueueStatus
CharLowerBuffA
IsMenu
GetMenuInfo

comctl32

InitCommonControlsEx
ImageList_SetImageCount
ImageList_Replace
CreateUpDownControl

shell32

SHGetFileInfoA
SHQueryRecycleBinA
DragQueryFileW
RealShellExecuteA
SHGetPathFromIDListA

kernel32

GetPrivateProfileStructW
CompareStringW
GetThreadTimes
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetDateFormatA
DeleteCriticalSection
TlsFree
HeapSize
TlsSetValue
LeaveCriticalSection
GetModuleHandleW
GetConsoleMode
IsBadReadPtr
CreateSemaphoreA
GetConsoleTitleW
FindResourceA
CreateMutexA
SetCurrentDirectoryW
EnterCriticalSection
HeapReAlloc
SetConsoleActiveScreenBuffer
DuplicateHandle
FindFirstFileExA
EnumDateFormatsExW
IsValidLocale
GetCurrentProcess
GetWindowsDirectoryA
GetStartupInfoA
ReadConsoleOutputA
GetTempFileNameW
GetProfileSectionA
SetConsoleCP
GetTimeZoneInformation
ReadFile
FindNextChangeNotification
InterlockedExchange
SetConsoleTitleA
GlobalAddAtomA
TlsAlloc
EnumSystemLocalesA
OpenEventW
GetStringTypeW
CreateDirectoryExW
lstrlenA
TerminateProcess
GetConsoleOutputCP
VirtualAlloc
GetFileType
SetLastError
LocalLock
UnhandledExceptionFilter
WritePrivateProfileSectionA
GetTickCount
LoadLibraryA
RtlUnwind
DebugBreak
GetCurrentThread
FreeLibrary
SetUnhandledExceptionFilter
WriteProfileStringW
GetCPInfo
GetLocalTime
FlushFileBuffers
IsDebuggerPresent
HeapFree
GetConsoleCP
FindClose
GetProcAddress
GetCommandLineA
SetEnvironmentVariableA
EnumCalendarInfoExA
GetNamedPipeHandleStateA
RaiseException
MapViewOfFileEx
GetLocaleInfoA
OutputDebugStringA
QueryPerformanceCounter
OpenMutexA
CreateProcessA
CloseHandle
CreateFileA
WideCharToMultiByte
GetEnvironmentStrings
CreateEventA
WaitForSingleObjectEx
GetModuleHandleA
VirtualQueryEx
GetLastError
GetProcessAffinityMask
ExitProcess
InterlockedIncrement
WriteConsoleA
LCMapStringW
GetStringTypeA
GetShortPathNameW
SetHandleCount
TerminateThread
GetProfileStringA
LoadLibraryW
VirtualProtect
WritePrivateProfileStringW
GetModuleFileNameW
InterlockedDecrement
HeapValidate
GetNamedPipeHandleStateW
GlobalCompact
SetLocalTime
TryEnterCriticalSection
GetTimeFormatA
GetEnvironmentStringsW
FreeEnvironmentStringsA
ReleaseMutex
GetCurrentThreadId
FindFirstFileExW
CompareStringA
VirtualFree
CreateMailslotW
GetLocaleInfoW
GetTimeFormatW
CreateWaitableTimerA
MultiByteToWideChar
VirtualQuery
SetCurrentDirectoryA
FindNextFileA
FreeEnvironmentStringsW
HeapDestroy
GetUserDefaultLCID
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
Sleep
GetModuleFileNameA
HeapCreate
WriteConsoleW
LoadLibraryExA
FindFirstFileA
GetProcessHeap
LCMapStringA
WriteProfileSectionW
WriteConsoleOutputCharacterA
GetTempPathW
TlsGetValue
OutputDebugStringW
HeapAlloc
EnumResourceLanguagesW
EnumCalendarInfoExW
GetCurrentProcessId
WriteFile
SetFilePointer
IsValidCodePage
SetStdHandle

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5c9f410a2e00d0c11d50318eb78af14

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

kernel32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 296KB - Virtual size: 295KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 296KB - Virtual size: 295KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 64KB - Virtual size: 60KB