7f3bae3ad431749f56b362655d428061

Sharing

Copy URL

Twitter E-mail

General

Target

7f3bae3ad431749f56b362655d428061
Size

140KB
MD5

7f3bae3ad431749f56b362655d428061
SHA1

1d97fab5a02bd228af96630b0fc4abde63ba9e8b
SHA256

c7966ac42d4130e4a0fd5aa9714de58aaae5558a67f178a6d66d94e2962fa961
SHA512

72317ded4c9ae6a124f97e703fb726d5811cb8807e05387a4f0da5ff19ff10b275fecf714cc03e81ce7b904e0c6f839d957fc64e17985e79a717b2eaa8e02d2d
SSDEEP

3072:FuWhfdAafFMcPicf16S+clK84nJbTzxHFmAOJ:wWPrFMqicN6SBqJbTlHFo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f3bae3ad431749f56b362655d428061

Files

7f3bae3ad431749f56b362655d428061
.exe windows:5 windows x86 arch:x86

09f267b81f7667209926abfd2ceb6a2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetVersionExW
VirtualProtect
GetSystemTimeAsFileTime
SetFileAttributesA
lstrcmpA
GetEnvironmentStringsW
GetStartupInfoA

msvcrt

log
_controlfp
exit
__setusermatherr
_fileno
setlocale
realloc
_except_handler3
_XcptFilter
strncat
_stricmp
__set_app_type
__p__fmode
_initterm
strspn
_acmdln
__p__commode
__getmainargs
__p__environ
_adjust_fdiv

user32

SendDlgItemMessageA
ShowWindow
MapWindowPoints
GetLastActivePopup
SetWindowLongA
GetWindowTextA
GetCursorPos
LoadCursorA
DrawEdge
GetCapture
SetCapture
CreateMenu
InsertMenuA

comctl32

ImageList_EndDrag
CreatePropertySheetPageW
ImageList_SetBkColor
CreateToolbarEx

advapi32

RegDeleteValueW
RegQueryInfoKeyA
SetSecurityDescriptorDacl
RegQueryValueExA
LookupPrivilegeValueA
CryptGenRandom
CloseServiceHandle
RevertToSelf
CryptDestroyHash
RegSetValueExA

oleaut32

SysStringLen
SafeArrayPtrOfIndex
SysAllocStringByteLen
SysReAllocStringLen
GetActiveObject
LoadTypeLib

version

GetFileVersionInfoW
VerInstallFileA
VerFindFileW
VerQueryValueW
VerLanguageNameA

ole32

StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
PropVariantClear

shell32

DragQueryFileA
SHGetPathFromIDListW
SHChangeNotify
ShellExecuteA
SHFileOperationA

gdi32

ExtSelectClipRgn
GetTextMetricsA
RoundRect
GetTextExtentPoint32W

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09f267b81f7667209926abfd2ceb6a2b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

advapi32

oleaut32

version

ole32

shell32

gdi32

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 28KB - Virtual size: 108KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 28KB - Virtual size: 108KB