7dbc5a639c592069ef2de35d5a141da3

Sharing

Copy URL Twitter E-mail

General

Target

7dbc5a639c592069ef2de35d5a141da3
Size

52KB
MD5

7dbc5a639c592069ef2de35d5a141da3
SHA1

a94a0302069ed539f9c7f56c0c22e966c1ed169d
SHA256

121067041298c339347b5d00eb6cfa878efb179f9f43d6bde63cd9f904792e62
SHA512

1fffa8dff352deca1092279a6d12224eec4c34bc6b42bafc99c86cac61851d0dba1100cec1d52d2c2d655e8fd7acb403b71a000d8ee213a5b4b882b462444b72
SSDEEP

768:a9xZ5PfIs64KfJU5/BqWGORuPWWYxmrFfl/6jGYFa3EVOPemcwRk:aXt6bSX1WYx2Fd/6j7FaImcMk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dbc5a639c592069ef2de35d5a141da3

Files

7dbc5a639c592069ef2de35d5a141da3
.exe windows:4 windows x86 arch:x86

1ba313a5da037468ab831e03547b9bac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlService
EqualSid
LockServiceDatabase
LookupAccountSidA
LookupPrivilegeValueA
OpenServiceA
RegCloseKey
RegFlushKey
RegQueryValueA
StartServiceCtrlDispatcherA

kernel32

CreateFileA
CreateFileMappingA
CreateMutexA
DeleteCriticalSection
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
FreeLibrary
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcess
GetLocalTime
GetModuleHandleA
GetPrivateProfileSectionA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetThreadLocale
GetVersionExA
GlobalFree
HeapFree
InterlockedExchange
LCMapStringA
LeaveCriticalSection
LocalAlloc
LocalFree
Module32First
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
RemoveDirectoryA
ResetEvent
SetErrorMode
SetEvent
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
TlsFree
TlsSetValue
UnmapViewOfFile
VirtualFree
VirtualQuery
WideCharToMultiByte
lstrlenA

user32

DispatchMessageA
GetFocus
MsgWaitForMultipleObjects

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerLanguageNameA
VerQueryValueA
VerQueryValueIndexA

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba313a5da037468ab831e03547b9bac

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 35KB - Virtual size: 36KB

.rdata Size: 512B - Virtual size: 4KB

.DATA Size: 7KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 36KB

.rdata
Size: 512B - Virtual size: 4KB

.DATA
Size: 7KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB