7f59afabfd4d1365cbc9a674796079b8

Sharing

Copy URL Twitter E-mail

General

Target

7f59afabfd4d1365cbc9a674796079b8
Size

172KB
MD5

7f59afabfd4d1365cbc9a674796079b8
SHA1

64f5c18554c629197249abefd2d1a8526cb716f0
SHA256

42db145c741c8fafb572d2b5bb6dfb5ed96ea03070910f398b20305e03149379
SHA512

e6485374edf990903d943eb5431bd74cc1a39c6f7f035b58de230787e357a1aa5b263de03042f581ceca4a509d2aab66ef04a038e60efc5acf5c4729ef65136b
SSDEEP

3072:UcWLjpI9VuX+nWV6CZwPDBCr9XAT6RJh/uZwrCYIdSPthI3J/oaugm0bI7K969:UcWLjCVuoCscra6vh/aECYIMVh4lNlMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f59afabfd4d1365cbc9a674796079b8

Files

7f59afabfd4d1365cbc9a674796079b8
.exe windows:4 windows x86 arch:x86

a37f149a16948308eb89d56966be2260

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetStockObject
Escape
SetWindowExtEx
SelectObject
ScaleViewportExtEx
GetBkColor
SetViewportOrgEx
GetMapMode
TextOutW
GetTextColor
ExtTextOutW
ExtSelectClipRgn
RectVisible
PtVisible
DeleteDC
OffsetViewportOrgEx
ScaleWindowExtEx
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW

user32

RemovePropW
WinHelpW
SendDlgItemMessageA
CharUpperW
GetClassLongW
GetNextDlgTabItem
SetRect
GetClassInfoExW
RegisterWindowMessageW
GetPropW
CreateWindowExW
CopyAcceleratorTableW
SetPropW
InvalidateRgn
GetNextDlgGroupItem
InvalidateRect
CharNextW
IsRectEmpty
MessageBeep
DestroyMenu

ole32

CreateILockBytesOnHGlobal
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRetireServer
CoRegisterMessageFilter
CoGetClassObject
CoCreateInstance
StgOpenStorageOnILockBytes
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoInitialize
CLSIDFromProgID
OleUninitialize
CoTaskMemAlloc
OleFlushClipboard
CoUninitialize
OleIsCurrentClipboard
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW

kernel32

WriteFile
GetCalendarInfoW
DeleteFileW
LoadLibraryW
ConvertDefaultLocale
FindFirstFileW
CreateFileW
MultiByteToWideChar
SystemTimeToFileTime
ReadFile
GetCurrentProcessId
SetFileTime
GetCurrentDirectoryW
lstrcpyW
EnumResourceNamesA
GetModuleFileNameW
SetFilePointer
FindNextFileW
FindClose
WideCharToMultiByte
MoveFileW
LocalFileTimeToFileTime
ExitProcess
GetFileAttributesW
RemoveDirectoryW
InterlockedDecrement
GetLocaleInfoW
GetVersion
EnumResourceLanguagesW
GetSystemDefaultLangID
CreateDirectoryW
GetProcAddress

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a37f149a16948308eb89d56966be2260

Headers

File Characteristics

Imports

gdi32

oleacc

advapi32

user32

ole32

shell32

shlwapi

kernel32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 66KB - Virtual size: 65KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 66KB - Virtual size: 65KB

.edata
Size: 1024B - Virtual size: 92KB