7ea6387d0bf62f5a2bf6ce7d370dfccc

Sharing

Copy URL Twitter E-mail

General

Target

7ea6387d0bf62f5a2bf6ce7d370dfccc
Size

199KB
MD5

7ea6387d0bf62f5a2bf6ce7d370dfccc
SHA1

0a05e3bc9a363b3ab7079b0cd5afb9320194aa9f
SHA256

c13a4203657c0c6986432aa241c0bd4a29b7d76d6cc1bdb934a4a371fb7cab9e
SHA512

e16878e72c0ad26b00170118b96f344c4bd9eb17f681633a3228a090595e930ac6bf291f5cc5dc6ae2bc84320e3dc970a6838ac1a97d444f143ce177c5e74c33
SSDEEP

6144:9nlkZQfdSki/Z1MXuZbnMNjgbu2rNfyFcj9aH6G2m+K:/BFnMdbu2rNfMcj0H/2m+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ea6387d0bf62f5a2bf6ce7d370dfccc

Files

7ea6387d0bf62f5a2bf6ce7d370dfccc
.exe windows:5 windows x86 arch:x86

d7cf7dc37592b54bc1b30a458be6a774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\nvMjYufu\ynfajspe\Boxy.pdb

Imports

ntdll

_vsnprintf

kernel32

ClearCommError
CreateFileMappingW
OpenFile
GlobalAddAtomW
LocalLock
HeapWalk
OutputDebugStringA
GetTempPathA
OpenMutexA
AreFileApisANSI
MulDiv
DeviceIoControl
LoadLibraryW

gdi32

GetClipBox
SetTextAlign
RoundRect
PathToRegion
EndPage
SetTextColor
GetNearestPaletteIndex
Escape
PatBlt

comctl32

DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_ReplaceIcon
PropertySheetW

user32

UpdateWindow
GetForegroundWindow
FillRect
MapVirtualKeyExW
GetFocus
VkKeyScanW
MapVirtualKeyExA
EnumChildWindows
ShowCaret
GetKeyState
SetCursorPos
RegisterClassExA
GetCaretBlinkTime
EnableScrollBar

shlwapi

PathRemoveArgsW
ChrCmpIW

Exports

Exports

?xejavhtDam@@YGHI@Z
?zfTneHtcCw@@YGMEPA_N@Z
?smuUnmbhloyowrbjTtdEgw@@YGFHPAF@Z
?HDdfiwnODOnik@@YGFPAMN@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7cf7dc37592b54bc1b30a458be6a774

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

gdi32

comctl32

user32

shlwapi

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 92KB - Virtual size: 168KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 512B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 92KB - Virtual size: 168KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 3KB