7e7a513d9395107d2734862c02d0be7f

Sharing

Copy URL Twitter E-mail

General

Target

7e7a513d9395107d2734862c02d0be7f
Size

130KB
MD5

7e7a513d9395107d2734862c02d0be7f
SHA1

15c3bad23b2b6a3c46f05ddb2977a7b76fd82ed4
SHA256

74d37ee4ad34b5519b221d865bb8ddc6fecb2030b7e153aeae9e8fa28b472522
SHA512

23dfa62849b6b43220f1f647724999b9061d83d0a2ffcb358ec14154f9828f620be718689567aba8b39f8886b166e00d9605d1defd181e50037a2c074108f988
SSDEEP

3072:39eP/ahuH/82ke46LPIxJBtXCrTUlKHXj7KkDNU0SKUBqvax/5S:3pEfIMIx3tXCQaj9D+0Sjcyu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e7a513d9395107d2734862c02d0be7f

Files

7e7a513d9395107d2734862c02d0be7f
.exe windows:4 windows x86 arch:x86

5ab66ad23549a00f9b08bbcc320c41fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

towupper
_read
printf
__set_app_type
_pctype
longjmp
exit
fputc
_getpid
_setmode
_adjust_fdiv
__setusermatherr
_except_handler3
__CxxFrameHandler
__p__fmode
_acmdln
strrchr
fopen
bsearch
_XcptFilter
_initterm
_beginthreadex
log10
__p__commode
_controlfp
__getmainargs

kernel32

DeviceIoControl
FileTimeToSystemTime
IsBadCodePtr
GetModuleHandleA
SetCurrentDirectoryA
FlushFileBuffers
GetFileAttributesA
GetSystemDefaultLCID
GetStartupInfoA
VirtualProtect
DeleteFileA
MultiByteToWideChar
IsValidCodePage
LCMapStringW

comctl32

ImageList_GetImageCount
PropertySheetW
ImageList_Read
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_SetIconSize
ImageList_DragLeave
PropertySheetA
ImageList_Add

user32

GetKeyState
SetMenu
SetClipboardData
GetClassInfoA
SetFocus
DeleteMenu
IsZoomed
CreateMenu
WaitMessage
FrameRect
InsertMenuItemA

shell32

SHGetFileInfoA
SHGetFolderLocation
SHCreateDirectoryExW
SHFileOperationA
ExtractIconExA
SHGetFolderPathA
DragFinish
SHAppBarMessage

oleaut32

SysStringLen
SafeArrayCreate
CreateErrorInfo
GetErrorInfo
SafeArrayGetUBound
SysFreeString
GetActiveObject
SafeArrayPutElement
VariantInit
SafeArrayUnaccessData

gdi32

GetViewportOrgEx
DeleteDC
BeginPath
CopyMetaFileA
GetDIBColorTable
GetEnhMetaFileDescriptionA
CreateEllipticRgn

advapi32

RegCloseKey
CheckTokenMembership
RegDeleteValueA
InitializeAcl
RegFlushKey
RegCreateKeyExA
RegOpenKeyA
OpenServiceA
OpenThreadToken
RegQueryValueExW
IsValidSid
RegOpenKeyExW

ole32

CoRevokeClassObject
CreateStreamOnHGlobal
IsAccelerator
ReleaseStgMedium
CoFreeUnusedLibraries
OleIsCurrentClipboard

version

VerInstallFileA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ab66ad23549a00f9b08bbcc320c41fb

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

shell32

oleaut32

gdi32

advapi32

ole32

version

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 40KB

.rsrc Size: 93KB - Virtual size: 93KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 40KB

.rsrc
Size: 93KB - Virtual size: 93KB