7f9234cd2bc8c115e166cd111f07d962

Sharing

Copy URL Twitter E-mail

General

Target

7f9234cd2bc8c115e166cd111f07d962
Size

818KB
MD5

7f9234cd2bc8c115e166cd111f07d962
SHA1

8184e7750fecb4cd9a36bcc257cd862e76ce5dd1
SHA256

1473266f69014a96bb31bf625613447cf945fe3084d41e0cbcbe0578e16b5f60
SHA512

50487ec4ef6fdf29fc09e34abfc168b6445d48b5f85266fb4d4fff5611cedb53f9359038e51ebb838edcd95602c35b7a5b813209e9c6173fdb1e278e608e2c84
SSDEEP

24576:8ScVnufZ3c2NZbiiexlHvmNiqVpJgXTAe96QnutnsmBTv:8ScVWlNZbBClHvmNiqVCTD6QMnsY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f9234cd2bc8c115e166cd111f07d962

Files

7f9234cd2bc8c115e166cd111f07d962
.exe windows:5 windows x86 arch:x86

d1775ca1ee29a48cbe5c19c0c653a05e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertCloseStore
CertOpenStore
CertAddEncodedCertificateToStore

shlwapi

SHGetValueW
SHSetValueW

imagehlp

ImageEnumerateCertificates
ImageGetCertificateData

advapi32

CryptDestroyHash
LookupPrivilegeValueW
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
OpenThreadToken
AdjustTokenPrivileges
GetSecurityInfo
AllocateAndInitializeSid
SetSecurityInfo
SetEntriesInAclW
FreeSid
OpenProcessToken

ws2_32

recvfrom
freeaddrinfo
getaddrinfo
gethostname
WSAIoctl
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
WSACleanup
WSAStartup
accept
listen
ioctlsocket
sendto

wldap32

ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord60
ord211
ord46
ord143

kernel32

SystemTimeToTzSpecificLocalTime
LoadLibraryW
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetOEMCP
GetACP
SetEnvironmentVariableA
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
WriteFile
OutputDebugStringW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
CreateEventW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
UnregisterWait
CreateFileW
CloseHandle
CreateDirectoryW
GetModuleFileNameW
GetLastError
LocalFree
OutputDebugStringA
FreeResource
FindResourceW
LoadResource
CreateProcessW
GetCurrentProcess
WaitForSingleObject
SizeofResource
IsWow64Process
LockResource
GetVersion
Sleep
HeapAlloc
HeapFree
GetCurrentThread
GetProcessHeap
OpenProcess
TerminateProcess
SetLastError
GetProcAddress
Process32FirstW
Process32NextW
GetModuleHandleA
CreateToolhelp32Snapshot
GetCurrentProcessId
GetTickCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VerSetConditionMask
SleepEx
VerifyVersionInfoA
FormatMessageA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
FreeLibrary
WaitForMultipleObjects
LoadLibraryA
ExpandEnvironmentStringsA
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
TlsAlloc
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetSystemTimeAsFileTime
DuplicateHandle
GetCurrentThreadId
EncodePointer
DecodePointer
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
DeviceIoControl
AreFileApisANSI
GetModuleHandleExW
WriteConsoleW
IsProcessorFeaturePresent
GetCPInfo
GetCommandLineA
HeapReAlloc
CreateThread
ExitThread
LoadLibraryExW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
RaiseException
RtlUnwind
CreateTimerQueue
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
SetEvent
GetLogicalProcessorInformation

shell32

SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1775ca1ee29a48cbe5c19c0c653a05e

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

shlwapi

imagehlp

advapi32

ws2_32

wldap32

kernel32

shell32

ole32

oleaut32

Sections

.text Size: 657KB - Virtual size: 657KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 17KB - Virtual size: 35KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 657KB - Virtual size: 657KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 17KB - Virtual size: 35KB

.rsrc
Size: 3KB - Virtual size: 2KB