7fb904f78245ad695800ba99520cb71d

Sharing

Copy URL Twitter E-mail

General

Target

7fb904f78245ad695800ba99520cb71d
Size

100KB
MD5

7fb904f78245ad695800ba99520cb71d
SHA1

94b5ff2a0eff8ff091efd10420d13ac4ac722960
SHA256

7064c04f8798a1a649466e3e34b4deb07b1724b6ebd9e238fbe6101f82c731e3
SHA512

a0d3f279fcc034a479266f7c450c55678db7494f402325e48966b401a87691da40de649940218419fc08a7b9e54615ca34d37b46ff3812476223e39b27f8f204
SSDEEP

3072:bv/ZdIQZdFMhuMMK0aJno+muZTacTaM40x/3j43S2k:pU1BJVuqTRxb43Sr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fb904f78245ad695800ba99520cb71d

Files

7fb904f78245ad695800ba99520cb71d
.dll windows:4 windows x86 arch:x86

e8fa67d9e6c4e4c94bf24d2f70ff228b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetSystemTime
SetThreadPriority
GetThreadPriority
GetCurrentProcess
SystemTimeToFileTime
GetSystemTimeAdjustment
WaitForSingleObject
CreateThread
GetSystemTimeAsFileTime
GetTickCount
FreeLibrary
WaitForMultipleObjects
CreateEventW
SetConsoleCtrlHandler
GetProcAddress
LoadLibraryA
SetSystemTimeAdjustment
GetSystemTime
InitializeCriticalSectionAndSpinCount
LocalAlloc
LocalFree
SetEvent
InterlockedDecrement
GetCurrentThread
Sleep
VirtualProtect
DisableThreadLibraryCalls
GetCommandLineA
CloseHandle
GetStringTypeA
LCMapStringW
RtlUnwind
GetVersion
ExitProcess
TerminateProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterServiceCtrlHandlerW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetServiceStatus
RegCloseKey
I_ScSetServiceBitsW

rpcrt4

NdrDllUnregisterProxy

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8fa67d9e6c4e4c94bf24d2f70ff228b

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB