7d7febbfc6a3849ac09cbbcecf8bbff0

General

Target

7d7febbfc6a3849ac09cbbcecf8bbff0
Size

111KB
MD5

7d7febbfc6a3849ac09cbbcecf8bbff0
SHA1

4d1894ef7ad918f934049daff79e2227c74b1c9b
SHA256

158ed653d7411e65149604831ad69e94c4b3eea0f863e64cff6c1de8ae3fb59e
SHA512

5a3f53c7062e80437859a445957f432e8779cf3824ce3894c1e0cb2fdbbf53d04ff01ff85c52bd752c13d3b0ac04d583b10f14c1014fac51ed918d3281a6846c
SSDEEP

1536:kQOYhsUeLauvLMRWH8xbk7C7r4WOAc0kIahueVSXtrfGH+owcJcqExqMZZjiw:bratLTDMczDduUSXxeJcTx3Zd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d7febbfc6a3849ac09cbbcecf8bbff0

Files

7d7febbfc6a3849ac09cbbcecf8bbff0
.exe windows:5 windows x86 arch:x86

4b16c873a7b0b9f87b3e172d91853cfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetOEMCP
GetWindowsDirectoryA
GetCommandLineW
GetCurrentProcess
GetConsoleOutputCP
GetDriveTypeA
lstrlenW
MulDiv
GetCommandLineA
GetCurrentProcessId
VirtualAlloc
SetCurrentDirectoryA
GlobalFindAtomA
VirtualFree
IsDebuggerPresent
RemoveDirectoryA
GetUserDefaultLangID
CopyFileA
GlobalFindAtomW
GetACP
GetCurrentThreadId
GetModuleHandleA
GetVersion
RemoveDirectoryW
DeleteFileA
GetCurrentThread
GetThreadLocale
lstrcmpiW
DeleteFileW
GetModuleHandleW
QueryPerformanceCounter
lstrcmpiA
GetTickCount
lstrcmpA
lstrlenA
GetStartupInfoA

gdi32

RestoreDC
SetStretchBltMode
GetClipBox
CreateSolidBrush
SelectPalette
GetPixel
CreateFontIndirectA
SetMapMode
DeleteObject
SetTextAlign
GetTextMetricsA
CreatePalette
SetTextColor
SaveDC
PatBlt
LineTo
SetPixel
CreatePen
SelectObject
GetStockObject
CreateCompatibleDC
GetObjectA
GetDeviceCaps
DeleteDC
RectVisible

user32

GetParent
GetDesktopWindow
GetSystemMetrics
TranslateMessage
CharNextA

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4b16c873a7b0b9f87b3e172d91853cfe

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 39KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 39KB