7f1980dbc933aa9d04203be308d95841

Sharing

Copy URL Twitter E-mail

General

Target

7f1980dbc933aa9d04203be308d95841
Size

172KB
MD5

7f1980dbc933aa9d04203be308d95841
SHA1

703ad8f728c33c0e2eab7a7d4f66ab23047a303e
SHA256

b9b07f7d9c2ae1aa6e201676673d10329c582f2ca69944cfe677d1e1f894904f
SHA512

ced7e59ad6a5254a5466c58f6cf8a91c733f0271d4cad5021be9f50f95af63a73add08b19095ce3011cd3738eec4c0a5773f0a0f5b51ac459265d7dee2efcb70
SSDEEP

3072:bss7FZBTgsLVl6WEDlnyAjVxKWf0ym7Ebf8OREZy1Koqrngiv9RViYJzlOFQ:gsHxgsJl6qum78frqc89f7JOF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f1980dbc933aa9d04203be308d95841

Files

7f1980dbc933aa9d04203be308d95841
.exe windows:4 windows x86 arch:x86

ff576dcd642abd6366a56de8f897c287

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowEnabled
EnableWindow
GetParent
GetWindowTextW
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
MessageBoxW
GetSysColor
LoadBitmapW
GetDC
CheckMenuItem
ReleaseDC
GetLastActivePopup
GetWindowLongW
GetSystemMetrics
LoadCursorW
GetSysColorBrush

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

gdi32

ExtTextOutW
PtVisible
ScaleWindowExtEx
SetViewportExtEx
SelectObject
SaveDC
SetBkColor
DeleteObject
SetViewportOrgEx
ScaleViewportExtEx
DeleteDC
GetDeviceCaps
SetMapMode
SetTextColor
RectVisible
CreateBitmap
OffsetViewportOrgEx
TextOutW
Escape
RestoreDC
SetWindowExtEx
GetClipBox
GetStockObject

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

shell32

SHGetSpecialFolderPathW

kernel32

UnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
GetStartupInfoA
HeapDestroy
HeapSize
GetShortPathNameW
GetFileType
GetSystemInfo
WriteFile
GetTickCount
VirtualQuery
IsBadCodePtr
GetModuleFileNameA
SetUnhandledExceptionFilter
GetOEMCP
GetProcessAffinityMask
GetCurrentProcess
RtlUnwind
QueryPerformanceCounter
FlushFileBuffers
GetEnvironmentStrings
EnumResourceTypesW
TerminateProcess
GetStdHandle
SetFilePointer
HeapCreate
GetCommandLineA
SetHandleCount
VirtualProtect
HeapFree
HeapAlloc
GetFileAttributesA
LCMapStringA
GetStringTypeA
SetStdHandle
GetCPInfo
LCMapStringW
GetSystemTimeAsFileTime
HeapReAlloc
FreeEnvironmentStringsW
VirtualFree
GetCurrentProcessId
VirtualAlloc
GetStringTypeW
GetEnvironmentStringsW
ExitProcess

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff576dcd642abd6366a56de8f897c287

Headers

File Characteristics

Imports

user32

advapi32

winspool.drv

ole32

gdi32

shlwapi

shell32

kernel32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 252KB