8f7906221826fa0e1732527a8bfd342b

Sharing

Copy URL Twitter E-mail

General

Target

8f7906221826fa0e1732527a8bfd342b
Size

192KB
MD5

8f7906221826fa0e1732527a8bfd342b
SHA1

608094c3125ed63769b60544fe1b75d8b59e1f2d
SHA256

8643e6137de575abf64c67946803669d79501e552f89ab2107bb7645b5523c39
SHA512

14cac7121ede1e5dc53c2ee55b5295445be1c7701288f3c01ddf846430a7ead44bcc98874f4cb178d03cdb493e33696434b78c853413f98794f2cd6bbaf0658c
SSDEEP

3072:Ir9WrpiydGHQARnJPeMKLTxE3nhVY+xAkoC2BKXP2Tgp9aQ6DivbkIVJi:Ir9WrpifRNJPeTNmhZToChf2TK9a/ZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f7906221826fa0e1732527a8bfd342b

Files

8f7906221826fa0e1732527a8bfd342b
.exe windows:4 windows x86 arch:x86

039816780fea389302c3c47a9e8d43e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

msimg32

AlphaBlend

ole32

CoRegisterMessageFilter
CoTaskMemFree
OleFlushClipboard
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
CoRetireServer
CoRevokeClassObject
CoCreateInstance
OleIsCurrentClipboard
OleUninitialize
CoTaskMemAlloc
CoGetClassObject
CoInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CLSIDFromString

shlwapi

PathRemoveFileSpecA
PathAppendA

user32

SetActiveWindow
LoadCursorA
EnumDisplayMonitors
GetMonitorInfoA
GetClientRect
MonitorFromPoint
GetWindowRect
DefWindowProcA
MonitorFromWindow
ReleaseDC
SetWindowPos
GetDesktopWindow
RegisterClassA
GetActiveWindow
OffsetRect
CreateWindowExA
LoadIconA
GetDC
CharNextW
ScrollWindowEx
DestroyWindow
WindowFromDC
GetSystemMetrics
UnregisterClassA

gdi32

OffsetRgn
GetRegionData
GetRgnBox
GetDeviceCaps
DeleteObject
StartPage
BitBlt
StartDocW
GetViewportOrgEx
MoveToEx
GetGraphicsMode
CreatePalette
CreateRectRgn
CreateDCW
DeleteDC
AbortDoc
GetWorldTransform
CreateBitmap
SetPolyFillMode
SetBrushOrgEx
EqualRgn
CreateCompatibleBitmap
SelectObject
EndPage
SelectClipRgn
Escape
CreatePatternBrush
Rectangle
ExtEscape
ResetDCW
RealizePalette
SelectClipPath
StretchDIBits
PolylineTo
CreatePolyPolygonRgn
SetDIBits
SetGraphicsMode
CreateDIBSection
SetWorldTransform
StretchBlt
CloseFigure
GetStockObject
BeginPath
PatBlt
ExtCreatePen
FillPath
SetStretchBltMode
SetMiterLimit
CreateICW
EndPath
GetClipBox
SelectPalette
CombineRgn
StrokePath
EndDoc
PolyBezierTo
ModifyWorldTransform
LineTo
CreateBrushIndirect
GetObjectA
GetCurrentObject
CreateCompatibleDC
SetROP2
SaveDC
IntersectClipRect
GetDIBColorTable
RestoreDC
ExtSelectClipRgn
PolyDraw

kernel32

GlobalFree
GetUserDefaultLangID
SetUnhandledExceptionFilter
GetFileSize
GetVersionExA
InterlockedExchange
IsDebuggerPresent
ExitProcess
GetProcAddress
GetACP
GetSystemInfo
InterlockedIncrement
GlobalAlloc
GetCalendarInfoW
GetCurrentThreadId
GetSystemTimeAsFileTime
GetFileTime
DeleteCriticalSection
Sleep
GetTimeFormatW
CreateMutexA
GetCurrentProcess
GetTimeFormatA
FindNextFileA
CloseHandle
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
lstrlenW
TlsFree
GetTempPathW
GetLastError
lstrcmpW
TlsGetValue
WaitForSingleObject
FindFirstFileA
EnterCriticalSection
ReleaseSemaphore
ReadFile
CreateFileA
GetCurrentDirectoryA
DeleteFileW
GetModuleFileNameA
EnumResourceNamesA
InterlockedCompareExchange
SetCurrentDirectoryA
GetLocalTime
GetLocaleInfoA
CreateSemaphoreA
FreeLibrary
GetThreadPriority
GetThreadLocale
GetCurrentThread
InitializeCriticalSection
LoadLibraryA
GlobalLock
GetModuleHandleA
QueryPerformanceCounter
TlsSetValue
ReleaseMutex
MultiByteToWideChar
TerminateProcess
FindClose
LeaveCriticalSection
IsProcessorFeaturePresent
GlobalUnlock
UnhandledExceptionFilter
GlobalSize
GetDateFormatW
LocalAlloc
GetProfileStringW
GetSystemDefaultLCID
GetEnvironmentVariableW
WideCharToMultiByte
GetDateFormatA
SetThreadPriority
GetCurrentProcessId
RaiseException

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

039816780fea389302c3c47a9e8d43e1

Headers

File Characteristics

Imports

advapi32

msimg32

ole32

shlwapi

user32

gdi32

kernel32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 79KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 112KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 79KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 112KB