7f8c44649a5aa5d24ba4c665f8191d4a

Sharing

Copy URL Twitter E-mail

General

Target

7f8c44649a5aa5d24ba4c665f8191d4a
Size

485KB
MD5

7f8c44649a5aa5d24ba4c665f8191d4a
SHA1

95fe96a354a60f6bcea3ea1cdc33fa38c1422b63
SHA256

4139333e3def3dc9f357e2499ca8fb6c0dc76f5a98eb178ef3a99d35ed14bf2f
SHA512

e01934858f224648a5c2d5217d7eda53a1df8b3948de60d191edcc68b20ccc2e16dd1e4a9a16eacbcb6c825478bf3c8857822b6e31831c722cc13dff41d65586
SSDEEP

12288:ZcXUspVNNBWF2Y/jPH4jZXzuwEUphVyHBinMDL3obvq:yXppVNXWFBjPYjcwEYVeknkL6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f8c44649a5aa5d24ba4c665f8191d4a

Files

7f8c44649a5aa5d24ba4c665f8191d4a
.exe windows:4 windows x86 arch:x86

2a9b9c298d3e25a1ce82891f257b7e2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\j

Imports

user32

RegisterClassA
ShowScrollBar
DdeCmpStringHandles
RegisterClassExA
EndPaint

comctl32

InitCommonControlsEx

kernel32

SetConsoleCtrlHandler
SetStdHandle
VirtualFree
GetProcessHeap
RtlUnwind
GetEnvironmentStringsW
GetOEMCP
GetModuleFileNameA
LeaveCriticalSection
GetStringTypeW
Sleep
UnhandledExceptionFilter
SetFilePointer
IsDebuggerPresent
CreateFileA
TlsSetValue
InterlockedExchange
WritePrivateProfileStructA
GetConsoleMode
GetThreadTimes
CreateMutexA
GetCommandLineA
TlsAlloc
GetEnvironmentStrings
ReadConsoleW
GetStringTypeA
CreateEventA
SetHandleCount
WriteProfileSectionA
LCMapStringA
GetCurrentProcess
IsValidCodePage
GetCurrentThreadId
QueryPerformanceCounter
SetLastError
HeapFree
DeleteCriticalSection
GetLocaleInfoW
HeapSize
ConnectNamedPipe
FoldStringW
ExitProcess
SetUnhandledExceptionFilter
TerminateProcess
CloseHandle
lstrcmpiW
GetModuleFileNameW
GetModuleHandleA
WaitForMultipleObjectsEx
EnterCriticalSection
GetSystemTimeAsFileTime
GetUserDefaultLCID
MultiByteToWideChar
FreeEnvironmentStringsA
WriteFile
GetConsoleOutputCP
LoadLibraryA
VirtualAlloc
SetEnvironmentVariableA
HeapCreate
GetModuleHandleW
LCMapStringW
GetACP
ReadConsoleInputA
GetConsoleCP
InterlockedIncrement
FreeLibrary
HeapReAlloc
GetVersionExA
GetStartupInfoW
GetStartupInfoA
GetCommandLineW
CompareStringA
GetTimeZoneInformation
GetTickCount
TlsFree
GetCPInfo
WriteConsoleA
WriteConsoleW
GetCurrentThread
CreateThread
FreeEnvironmentStringsW
GetTimeFormatA
InitializeCriticalSection
InterlockedDecrement
GetCurrentProcessId
TransmitCommChar
WideCharToMultiByte
GetStdHandle
IsValidLocale
EnumSystemLocalesA
GetProcAddress
HeapAlloc
GetLocaleInfoA
SetWaitableTimer
OpenMutexA
ReadFile
FindFirstFileA
TlsGetValue
GetLastError
CompareStringW
GetDateFormatA
GetFileType
HeapDestroy
VirtualQuery
GlobalGetAtomNameA
GetPrivateProfileSectionW
FlushFileBuffers

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a9b9c298d3e25a1ce82891f257b7e2a

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 313KB - Virtual size: 312KB

.rdata Size: 55KB - Virtual size: 84KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 313KB - Virtual size: 312KB

.rdata
Size: 55KB - Virtual size: 84KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 11KB - Virtual size: 11KB