7da823e3c311c692180d19859e7aea67

Sharing

Copy URL Twitter E-mail

General

Target

7da823e3c311c692180d19859e7aea67
Size

134KB
MD5

7da823e3c311c692180d19859e7aea67
SHA1

398192d872304a57ed3eec24314306345596376d
SHA256

c4c251d2630956028eb4451f4f304a5441cabc12274ec3eca05c2e5105721914
SHA512

5f81543cd704d1df267593b29d0eb41f189a083ff877aa18733c7964bee9b0e889b7bd944efb07522c9903e57ebf3d1730e9609bfcd264a07f3ba13241ed0971
SSDEEP

3072:1zKBTxJfY5VUTIgKoLe9jrvjgH+bXylfTrHp+6kW2QhedK:BKepncc/vjTA3Hr2QgQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7da823e3c311c692180d19859e7aea67

Files

7da823e3c311c692180d19859e7aea67
.exe windows:0 windows x86 arch:x86

3e1dc378882f53b5271a1843936b4773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LCMapStringW
TlsSetValue
VirtualAlloc
HeapReAlloc
GetStartupInfoA
HeapCreate
_lopen
GetTickCount
GlobalAlloc
CreateFileMappingA
SetFilePointer
FindFirstFileExA
GetProfileSectionW
GetCommandLineA
GetCurrentProcess
IsDBCSLeadByte
GetStringTypeA
GetSystemInfo
GetOEMCP
GetFirmwareEnvironmentVariableA
DeleteFileA
SetCalendarInfoA
ExitProcess
EnumResourceTypesA
FindResourceExA
FreeLibrary
GetCPInfo
InterlockedExchange
ExitProcess
SetHandleCount
LoadResource
GetPrivateProfileIntA
DeleteCriticalSection
EnterCriticalSection
GetFileInformationByHandle
DnsHostnameToComputerNameW
MultiByteToWideChar
GetCPInfoExW
MoveFileA
lstrcmpA
GetStringTypeW
GetLastError
QueryPerformanceCounter
CopyLZFile
VirtualFree
LocalAlloc
HeapCreate
EnumSystemGeoID
GetSystemDefaultUILanguage
UnhandledExceptionFilter
LCMapStringA
UTRegister
ReadConsoleOutputA
GetFullPathNameA
WritePrivateProfileStringA
GlobalLock
GetEnvironmentStringsW
GetVersionExA
FreeEnvironmentStringsW
LZRead
SetFileAttributesA
RtlUnwind
QueryMemoryResourceNotification
GlobalFree
GetCurrentProcessId
GetFileAttributesExA
SetHandleCount
GetAtomNameW
SizeofResource
WritePrivateProfileSectionA
_llseek
WriteFileGather
GetCurrentDirectoryA
OpenProfileUserMapping
FindFirstChangeNotificationW
CreateFileA
GetModuleHandleExA
LockFileEx
ExpungeConsoleCommandHistoryA
GetFileAttributesA
LockResource
CompareStringA
FormatMessageA
EnumResourceNamesA
_lclose
GetPrivateProfileSectionA
DefineDosDeviceA
lstrlenA
ProcessIdToSessionId
TlsAlloc
GetLocaleInfoA
GetShortPathNameA
FlushFileBuffers
HeapDestroy
CreateDirectoryA
WideCharToMultiByte
SetLastError
GetFileAttributesExW
lstrcpynA
OpenFileMappingA
FreeResource
OpenFileMappingW
GetFileType
Module32Next
EnumResourceLanguagesA
WTSGetActiveConsoleSessionId
GetTempPathA
GetPriorityClass
GetPrivateProfileStringA
_lread
_lwrite
FindFirstFileA
BackupWrite
SetLastError
SetEnvironmentVariableA
EnumSystemLocalesA
MapViewOfFile
GetTempFileNameA
SetUnhandledExceptionFilter
lstrcatA
CloseHandle
LoadResource
EnumLanguageGroupLocalesW
VirtualQuery
GetVersionExA
UnmapViewOfFile
DebugActiveProcess
GetProcessHeap
GetLastError
ReadFile
SetStdHandle
LeaveCriticalSection
HeapAlloc
SetClientTimeZoneInformation
HeapFree
lstrcpyA
FreeUserPhysicalPages
TerminateProcess
LCMapStringA
CreateProcessA
AttachConsole
lstrcmpiA
GetACP
CopyFileA
AddVectoredExceptionHandler
GetSystemTimeAsFileTime
GetSystemTime
LocalReAlloc
FreeConsole
CreateMailslotA
GetStdHandle
GlobalUnlock
GetProfileIntA
FreeEnvironmentStringsA

gdi32

CreateFontIndirectA
GetObjectA
GetStockObject
GetDeviceCaps
DeleteObject

user32

VkKeyScanW
SetCaretPos
GetDC
GetDlgItemTextA
ReuseDDElParam
CharPrevExA
PostMessageA
CloseWindowStation
DdeEnableCallback
LoadStringA
DispatchMessageA
RegisterRawInputDevices
DrawFocusRect
GetSystemMetrics
CheckDlgButton
MessageBoxA
GetUserObjectInformationA
EnumThreadWindows
IsCharAlphaW
CreateWindowExW
GetClassInfoExW
MapWindowPoints
ReleaseDC
ToAscii
MessageBoxIndirectW
CheckRadioButton
TabbedTextOutW
LoadAcceleratorsW
SendDlgItemMessageW
SetProgmanWindow
PostMessageW
EnableWindow
UserLpkTabbedTextOut
SetDlgItemTextA
GetWindowRect
DdeQueryStringA
RealGetWindowClassA
IsDlgButtonChecked
DdeUninitialize
GetMenuItemInfoA
SetMenu
wsprintfA
FlashWindowEx
DlgDirListA
EnumDisplayDevicesA
DdeDisconnectList
GetClipboardOwner
GetWindowLongA
LoadBitmapA
LoadCursorFromFileA
SendInput
RegisterWindowMessageA
CharToOemA
SetFocus
DdeNameService
AppendMenuW
GetWindowRect
CharPrevA
LoadMenuIndirectW
IsChild
CreateMDIWindowW
GetParent
SendMessageA
ShowCaret
CharToOemBuffA
CreatePopupMenu
GetDlgItemTextA
MsgWaitForMultipleObjects
EnumWindowStationsW
GetCaretPos
SetCapture
SetShellWindow
GetMonitorInfoA
User32InitializeImmEntryTable
ToUnicodeEx
SetTaskmanWindow
OpenClipboard
ShowWindow
RegisterDeviceNotificationA
RegisterServicesProcess
MessageBeep
SendDlgItemMessageA
DeferWindowPos
ModifyMenuW
SendMessageCallbackA
SetParent
DrawIconEx
DlgDirSelectComboBoxExA
IMPSetIMEA
GetRawInputDeviceInfoA
SetWindowLongA
AllowForegroundActivation
GetMessageA
MessageBeep
CharNextA
GetWinStationInfo
GetWindowLongA
LoadCursorFromFileW
ShowWindow

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage

comdlg32

GetSaveFileNameA
GetOpenFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imagehlp

CheckSumMappedFile

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

pdh

PdhGetDefaultPerfCounterW
PdhGetLogFileTypeW
PdhEnumObjectItemsW
PdhLookupPerfIndexByNameW
PdhEnumObjectsA
PdhSelectDataSourceW
PdhOpenQuery
PdhGetRawCounterArrayW
PdhOpenQueryA
PdhSetCounterScaleFactor
PdhExpandCounterPathA
PdhParseInstanceNameA
PdhParseCounterPathW
PdhLookupPerfNameByIndexA
PdhEnumObjectsW
PdhValidatePathA
PdhCollectQueryData
PdhFormatFromRawValue
PdhGetLogSetGUID
PdhBrowseCountersHA
PdhUpdateLogA
PdhCollectQueryDataEx
PdhValidatePathW
PdhVbGetLogFileSize
PdhEnumMachinesW
PdhOpenLogA
PdhMakeCounterPathW
PdhComputeCounterStatistics
PdhOpenQueryH
PdhRelogA
PdhTranslateLocaleCounterW
PdhIsRealTimeQuery
PdhLookupPerfIndexByNameA
PdhGetDataSourceTimeRangeA
PdhVbIsGoodStatus
PdhGetLogFileTypeA
PdhExpandWildCardPathHW
PdhConnectMachineA
PdhReadRawLogRecord
PdhBrowseCountersHW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e1dc378882f53b5271a1843936b4773

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comctl32

comdlg32

version

imagehlp

advapi32

pdh

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 105KB - Virtual size: 152KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 105KB - Virtual size: 152KB