7ffbd444297d095908ae5e12867a66c2

Sharing

Copy URL Twitter E-mail

General

Target

7ffbd444297d095908ae5e12867a66c2
Size

83KB
MD5

7ffbd444297d095908ae5e12867a66c2
SHA1

47d5ce22a9913efe68d0a52eff9a1ee3d8bc804e
SHA256

13869c85d3bb778c0d8fc44cade8e747fde1d84c4733ff37268ded2842bdea48
SHA512

bd8218f74317fb9cf684e94a25e7caaa2c372271ef56afd1daa080311733e10eef4e2663354b49b1d071cb129eba9665d804e5da90c643cc02fce55705d48161
SSDEEP

1536:411v1nydcV6Gk492CHUB9FiGPssL21xM55UZCJe5xwhG9qAhxSP:411JgP9FiGPsxM55U4eHwhG9qyu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ffbd444297d095908ae5e12867a66c2

Files

7ffbd444297d095908ae5e12867a66c2
.exe windows:4 windows x86 arch:x86

42a952f1f82a16177311e735923af269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColor
SetWindowTextA
EnableMenuItem
GetSysColorBrush
GetScrollPos
EqualRect
FrameRect
GetMessageA
EnumWindows
PostQuitMessage
SetWindowPos
GetSubMenu
UnhookWindowsHookEx

kernel32

GetFileAttributesA
GetTempPathA
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
GetTimeZoneInformation
VirtualAllocEx
ExitProcess
InterlockedExchange
GetOEMCP
GetThreadLocale
GetStartupInfoA
FileTimeToSystemTime
RtlUnwind
GetSystemTime
GetTickCount

gdi32

DPtoLP
FillRgn
CopyEnhMetaFileA
CreateCompatibleBitmap
GetMapMode
CreateICW
SetViewportExtEx
ExcludeClipRect
SelectClipPath

ole32

CoInitializeSecurity
StringFromGUID2
StgOpenStorage
CoRevokeClassObject
CoInitialize
CoTaskMemRealloc
DoDragDrop
CoCreateInstance
OleRun

advapi32

QueryServiceStatus
RegQueryValueExW
GetSecurityDescriptorDacl
GetUserNameA
RegCreateKeyExW
CryptHashData
AdjustTokenPrivileges
FreeSid
RegCreateKeyA
CheckTokenMembership

msvcrt

__setusermatherr
_lock
iswspace
raise
strlen
strcspn
fprintf
puts
__initenv
_strdup
_fdopen
fflush
_CIpow
_mbscmp
signal
_flsbuf
strncpy
__getmainargs

comctl32

ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_Destroy
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Write
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
InitCommonControls

shell32

ExtractIconExW
DragAcceptFiles
ShellExecuteW
DragQueryFileA
SHBrowseForFolderA
DoEnvironmentSubstW
CommandLineToArgvW
DragQueryFileW
ExtractIconW
SHGetPathFromIDList
ShellExecuteEx

oleaut32

SysReAllocStringLen
VariantCopy
SafeArrayGetUBound
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayPtrOfIndex
SafeArrayPutElement

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42a952f1f82a16177311e735923af269

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 6KB - Virtual size: 5KB