7df01679f934af1d66e8019090b4321f

Sharing

Copy URL Twitter E-mail

General

Target

7df01679f934af1d66e8019090b4321f
Size

864KB
MD5

7df01679f934af1d66e8019090b4321f
SHA1

65445e03c6f30c8ef8c8324a34dbcf42e287aa78
SHA256

56b0276f3bb6960a5fff60d810b29c00bb0a07a8531bbb68f1a1278d9e5054c4
SHA512

50a6b0fd03d52318e61b4b8e972d7d63873818e4965266fac9ef1cec1ad93875d804de7d6caf6eb3154cf25cc4d2432f238374cc2c9944627a7d9f205860bd16
SSDEEP

24576:4qclid4kwMzi7O1f1AFsLzJUMLv7jRJFpvM4:jAi9wMzTZ1AFwzJUCpvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7df01679f934af1d66e8019090b4321f

Files

7df01679f934af1d66e8019090b4321f
.exe windows:5 windows x86 arch:x86

003d449ecafb9bbf6ca442ee7dcd69ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBPatternBrushPt
EngStrokeAndFillPath
GdiGetSpoolFileHandle
TextOutW
ModifyWorldTransform
DdEntry34
CreateBitmapIndirect
SelectClipRgn
ChoosePixelFormat
ExtCreatePen
DdEntry14
DdEntry48
SetPixelV
EngFindResource
EngComputeGlyphSet
GetEnhMetaFileW
DeleteEnhMetaFile
DdEntry30
SetMiterLimit
GetTextCharset
GetTextExtentExPointI
GetWindowOrgEx
FillRgn
XFORMOBJ_iGetXform
GdiSwapBuffers
AddFontResourceA
GdiGetDevmodeForPage
GetSystemPaletteEntries
DdEntry20
STROBJ_dwGetCodePage
CreateFontIndirectW
Pie
PlgBlt
SetDIBits
CreatePolygonRgn
SetMetaFileBitsEx
GdiStartDocEMF
GdiCreateLocalMetaFilePict
GetBitmapDimensionEx
EnumFontsW
EqualRgn
CreateEnhMetaFileA
GdiPlayDCScript

msvcrt

_execle
__lc_handle
_mbscmp
__set_app_type
_jn
_getche
_heapwalk
_chsize
exit
sprintf
_mbclen
??_Fbad_typeid@@QAEXXZ
_wcstoui64
_set_error_mode
wcstombs
_cwait
_mbscspn
_CxxThrowException
??_Ebad_typeid@@UAEPAXI@Z
_lrotl
_cwprintf
wcsxfrm
_wexecl
_getdrives
_pipe
strpbrk
malloc
atol
_Getdays
_mbctombb
__p__commode
iscntrl
_mbsicoll
rewind
fputs
fread
freopen
??1exception@@UAE@XZ
raise
_wrmdir
___lc_handle_func
??_U@YAPAXI@Z
_adjust_fdiv
__getmainargs
_mbbtype
_inp
_exit

msorcl32

SQLSetCursorName
SQLPrimaryKeys
SQLExtendedFetch
SQLStatistics
SQLSetPos
SQLBindParameter
SQLConnect
SQLTables
ConfigDSN
SQLParamData
SQLColumns
SQLColAttributes
SQLGetConnectOption
SQLPutData
SQLError
SQLAllocConnect
SQLExecute
SQLGetInfo
SQLGetStmtOption
SQLGetCursorName
SQLCancel
SQLBindCol
SQLFreeStmt
SQLTransact
SQLDisconnect
SQLProcedureColumns
SQLExecDirect
SQLDescribeParam
SQLPrepare
SQLSetConnectOption
SQLProcedures
SQLForeignKeys
DllMain
SQLGetData
SQLSetScrollOptions
SQLFetch
SQLRowCount
SQLDriverConnect
SQLAllocStmt

user32

RegisterClassW
PostQuitMessage
DefWindowProcW

opengl32

glColor3b
glPolygonOffset
glGetPixelMapfv
glRasterPos3f
wglRealizeLayerPalette
glColor3ui
glClearIndex
glGetTexLevelParameteriv
glMap2f
glVertex3f
glClearDepth
glRasterPos2iv
glGetTexEnvfv
glLoadMatrixd
glTexCoord1i
glTexImage1D
glTexEnviv
glGetTexGeniv
glTexCoord1s
glMatrixMode
glGetMapdv
glEdgeFlagv
glGetTexImage
glIsList
glTexSubImage1D
glTexCoord4i
glPopMatrix
glPixelStorei
glGetPixelMapusv
glIndexsv
glGetMaterialiv
glGenTextures
glMapGrid1d
glEvalCoord1f
glHint

ntdll

NtAccessCheckByTypeAndAuditAlarm
NtAccessCheck
RtlDnsHostNameToComputerName
RtlQueryInformationActivationContext
RtlSetCriticalSectionSpinCount
RtlxAnsiStringToUnicodeSize
RtlUpcaseUnicodeToOemN
RtlEnterCriticalSection
RtlAddAccessDeniedAceEx
ZwSetSystemTime
ZwQueryVirtualMemory
RtlUnwind
NtQueryQuotaInformationFile
CsrFreeCaptureBuffer
LdrFindResource_U
RtlGenerate8dot3Name
ZwRemoveProcessDebug
ZwCreateIoCompletion
NtSetInformationDebugObject
RtlDeleteAtomFromAtomTable
NtAreMappedFilesTheSame
RtlReleasePebLock
NtCreateWaitablePort
_wcsicmp
ZwCancelIoFile

kernel32

VirtualUnlock
SetProcessPriorityBoost
LZCopy
GetEnvironmentStringsA
EnumResourceNamesW
VirtualAlloc
CreateFileMappingW
GetStringTypeExA
WriteConsoleInputW
BuildCommDCBAndTimeoutsA
VerLanguageNameW
GetSystemPowerStatus
EnumUILanguagesW
LoadLibraryA
SetDefaultCommConfigW
GetCommandLineA
LocalUnlock
GetConsoleDisplayMode
GetFileInformationByHandle
FillConsoleOutputCharacterW
GetNamedPipeInfo
EnumSystemCodePagesW
OpenWaitableTimerW
QueryPerformanceCounter
SetLocalTime
MoveFileWithProgressA
GetVolumeNameForVolumeMountPointA
FindClose
AddLocalAlternateComputerNameA

Sections

.text
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

003d449ecafb9bbf6ca442ee7dcd69ff

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

msorcl32

user32

opengl32

ntdll

kernel32

Sections

.text Size: 377KB - Virtual size: 377KB

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 288KB - Virtual size: 1.7MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 377KB - Virtual size: 377KB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 288KB - Virtual size: 1.7MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B