c:\yxrt\auklp\fzzfg\hof\ptzgyedme\bnei.PDB
Static task: static1
Behavioral task: behavioral1 (Sample: 7dd49330350de8a41fec218ffd33f582.exe, Resource: win7-20231129-en)
Behavioral task: behavioral2 (Sample: 7dd49330350de8a41fec218ffd33f582.exe, Resource: win10v2004-20231215-en)
General
- Target: 7dd49330350de8a41fec218ffd33f582
- Size: 720KB
- MD5: 7dd49330350de8a41fec218ffd33f582
- SHA1: 7d4b223e38ad7fa51f16a9a4498f6e45ab8f7fb5
- SHA256: cb6a6c23ef5ebe0c97ada4ee4c6aaef4c45219c0e9ae87435d9050934beb0744
- SHA512: cf8490b60fd872ab1c2714fcc4d850d061737fbb57b720049f785a7481bfa575a75af641290c7bd3242f59c6f221c500b3d4dc31bfb9b6ab38c5d167f08a8a75
- SSDEEP: 12288:5g/NiWsKvkfhE+GNrhod/fqkPjKnuYYHk2aMG7LSbJi93LZyrJGGAGX:5WiHZEFQ9CkPjNYB279i93LwYGAGX
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 7dd49330350de8a41fec218ffd33f582
Files
- 7dd49330350de8a41fec218ffd33f582.exe windows:4 windows x86 arch:x86
  77f2c9687a8fd49413cde7c5370a5caa
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
- shlwapi: PathFindExtensionW, PathRemoveBlanksW
- winmm: mixerGetLineControlsA, mixerGetControlDetailsA, waveOutGetDevCapsA, waveOutClose, mciGetErrorStringA, mixerGetLineInfoA
- comctl32: ImageList_DragEnter, ImageList_Draw, ImageList_LoadImageA, ImageList_DragLeave, ord17
- gdi32: StartPage, MoveToEx, FillRgn, Rectangle, SetBkMode, EndDoc, EndPage, GetNearestColor, Polyline, SetMapMode, ScaleViewportExtEx, ScaleWindowExtEx, OffsetViewportOrgEx, DeleteDC, OffsetRgn, CopyMetaFileA, GetDeviceCaps, SetBkColor, CreateDCA, DPtoLP, GetTextMetricsA, SetDIBits, GetViewportExtEx, GetObjectA, CreateRectRgnIndirect, RoundRect, SelectObject, DeleteObject, CombineRgn, CreateBitmap, CreateFontIndirectA, PtVisible
- advapi32: RegOpenKeyA, RegOpenKeyExA, RegQueryValueExA, RegisterEventSourceA, FreeSid, CopySid, RegEnumKeyExA, RegDeleteKeyA, GetLengthSid, GetTokenInformation, StartServiceCtrlDispatcherA, RegDeleteValueA, RegQueryInfoKeyA, DeleteService, RegCloseKey, ReportEventA, DeregisterEventSource, GetUserNameA, CreateServiceA, RegSetValueExA
- shell32: SHGetSpecialFolderLocation, SHGetDesktopFolder, ShellExecuteA, DragFinish, ord155, SHBrowseForFolderA
- user32: RegisterClassExA, ShowWindow, LoadStringA, RegisterClassA, DefWindowProcA, RegisterWindowMessageA, DestroyWindow, MessageBoxA, GetLastActivePopup, CreateWindowExA, LoadCursorA, LoadIconA
- kernel32: SetFilePointer, SetStdHandle, WideCharToMultiByte, TlsAlloc, GetLocaleInfoA, GetFileType, TlsGetValue, InterlockedExchange, GetTimeZoneInformation, GetVersionExA, ExitProcess, FlushFileBuffers, TerminateProcess, GetModuleHandleA, GetEnvironmentStringsW, CompareStringW, GetStringTypeW, ReadFile, LCMapStringA, GetStringTypeA, HeapReAlloc, QueryPerformanceCounter, HeapSize, OpenMutexA, GetCurrentThreadId, FreeEnvironmentStringsW, GetDateFormatA, GetProcAddress, LCMapStringW, VirtualFree, GetCommandLineA, GetStartupInfoA, VirtualProtect, MultiByteToWideChar, DeleteCriticalSection, RaiseException, EnterCriticalSection, TlsSetValue, CreateMutexA, GetCPInfo, VirtualQuery, GetEnvironmentStrings, LeaveCriticalSection, HeapDestroy, UnhandledExceptionFilter, GetTickCount, SetUnhandledExceptionFilter, GetCurrentProcessId, HeapFree, GetSystemInfo, GetACP, RtlUnwind, HeapCreate, SetHandleCount, SetEnvironmentVariableA, GetTimeFormatA, HeapAlloc, CloseHandle, SetLastError, VirtualAlloc, TlsFree, InitializeCriticalSection, CompareStringA, IsBadCodePtr, GetCurrentProcess, LoadLibraryA, GetSystemTimeAsFileTime, GetOEMCP, GetLastError, GetStdHandle, GetModuleFileNameA, WriteFile, FreeEnvironmentStringsA
- ole32: OleRegEnumVerbs, GetRunningObjectTable, OleRegGetMiscStatus
- oleaut32: LoadTypeLi
Sections
- .text: Size 100KB, Virtual size 96KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 468KB, Virtual size 465KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 112KB, Virtual size 138KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 36KB, Virtual size 33KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ