7fd3d9f1aa72e2a1fe0d7a788100db6b

Sharing

Copy URL Twitter E-mail

General

Target

7fd3d9f1aa72e2a1fe0d7a788100db6b
Size

175KB
MD5

7fd3d9f1aa72e2a1fe0d7a788100db6b
SHA1

528dd57a171b860e69d5bd039e46cd143df5de83
SHA256

e8bdfdfae9820086aac1203f008098c018a56517544e9cf0bfbdab35dedb0d66
SHA512

930bbdad06974259591d9e21371a07c24d2287d3d640fd81f4b64d8afa3e60e7fb83ef8ee461c4f8fa76c65a0e0ea91597073d967f420490ce5410e5f465ba87
SSDEEP

3072:47ZiEUG0fzyYtIggfoDUBWtE2dOFVwoPBVjo43Fkwl2kY+Fb2xY86SZTZZk:L1xtIggfUtndOFeopVjo492IyY8vfZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fd3d9f1aa72e2a1fe0d7a788100db6b

Files

7fd3d9f1aa72e2a1fe0d7a788100db6b
.exe windows:4 windows x86 arch:x86

36a390feec4ff25f58d8ca8231348eea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFileW
EnterCriticalSection
InterlockedIncrement
CreateThread
FindFirstChangeNotificationW
GetFullPathNameW
GetThreadLocale
GetVersionExW
GetDriveTypeW
lstrcpynW
InitializeCriticalSection
GetProcessId
WideCharToMultiByte
FindNextChangeNotification
GlobalLock
MultiByteToWideChar
QueryPerformanceCounter
Sleep
GetTickCount
WaitForSingleObject
MulDiv
DisableThreadLibraryCalls
GetACP
EnumResourceTypesA
InterlockedDecrement
lstrlenW
DeleteCriticalSection
InterlockedExchange
LeaveCriticalSection
ResetEvent
SetEvent
GetLocaleInfoA
ExitProcess
GlobalUnlock
FreeLibrary
GetProcAddress
FileTimeToLocalFileTime
GlobalAlloc
GlobalReAlloc
lstrlenA
GetCurrentProcessId
FindClose
FindCloseChangeNotification
CloseHandle
GetModuleHandleW
GetModuleFileNameA
CreateEventW
FileTimeToSystemTime
GetLastError
FindFirstFileW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetVersionExA

user32

GetSysColorBrush
BringWindowToTop
PostMessageW
SendMessageW
GetCursorPos
FindWindowExW
SetForegroundWindow
LoadImageW
GetActiveWindow
PtInRect
IsRectEmpty
ClientToScreen
ScreenToClient
EnableWindow
DrawTextW
DefWindowProcW
SetRect
GetWindowRect
DrawFocusRect
UpdateWindow
KillTimer
SetWindowLongW
ReleaseDC
IsWindowVisible
TrackPopupMenuEx
IsWindow
GetSystemMetrics
SetRectEmpty
DestroyMenu
GetClientRect
CopyRect
CreatePopupMenu
FrameRect
ReleaseCapture
GetSysColor
GetDesktopWindow
UnionRect
SetCapture
ShowScrollBar
GetWindowLongW
SetCursor
LoadCursorW
IntersectRect
FillRect
OffsetRect
EqualRect
SetFocus
InflateRect
GetParent
GetDC
wsprintfW
SetTimer
InvalidateRect

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegCloseKey
RegDeleteKeyW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
SHGetSpecialFolderLocation
SHGetFileInfoW

ole32

CoFreeUnusedLibraries
OleInitialize
CoCreateInstance
CoUninitialize
StringFromGUID2
OleUninitialize
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36a390feec4ff25f58d8ca8231348eea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

avifil32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 69KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 376KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 69KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 376KB