7ef79d02f9ab40159c8ebe99fb60b2de

Sharing

Copy URL

Twitter E-mail

General

Target

7ef79d02f9ab40159c8ebe99fb60b2de
Size

121KB
MD5

7ef79d02f9ab40159c8ebe99fb60b2de
SHA1

46168630801d03e01541371a05702001ebb0c7ed
SHA256

e5ba3098da18173e3608d39eede02072fc4416d421da7bf8688cd84437fb28e4
SHA512

fed36baeba9c3f17e10f1d6e57dd5ff68035c038d6aa8e64bf49e9e501aa2aec48209ef41a134ace50fcbeb1a017f49fa1d91bfd218c359226612b26bc850bbc
SSDEEP

3072:vg5G3CkhiHMc/jBd6gSpkF+OiJct2tZClLt:vgonhiHMycfp9OQvnCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ef79d02f9ab40159c8ebe99fb60b2de

Files

7ef79d02f9ab40159c8ebe99fb60b2de
.exe windows:4 windows x86 arch:x86

a6c30b2e7884ec76cf960ed62105f0e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrcmpiA
lstrlenW
lstrlenA
LocalFree
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateProcessA
CloseHandle
lstrcatA
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
GetProcessHeap

user32

LoadStringA
CharNextA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

msvcr71

?terminate@@YAXXZ
__set_app_type
realloc
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
__security_error_handler
atoi
isdigit
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??2@YAPAXI@Z
memmove
memcpy
strlen
??0exception@@QAE@ABV0@@Z
_ismbcspace
_mbsinc
strcpy
_purecall
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
_mbspbrk
_mbsnbcpy
_mbschr
_except_handler3
_resetstkoflw
free
malloc
memset
_controlfp

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6c30b2e7884ec76cf960ed62105f0e5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcr71

msvcp71

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 500B

.rsrc Size: 8KB - Virtual size: 5KB

.hrdata Size: 68KB - Virtual size: 68KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 500B

.rsrc
Size: 8KB - Virtual size: 5KB

.hrdata
Size: 68KB - Virtual size: 68KB