ab7e1307a2da3b60e9bd1db3a7e01cbe

Sharing

Copy URL Twitter E-mail

General

Target

ab7e1307a2da3b60e9bd1db3a7e01cbe
Size

120KB
MD5

ab7e1307a2da3b60e9bd1db3a7e01cbe
SHA1

4ab84d65675e4427c5afa7b8a4be1a69256df054
SHA256

7b9e1bc425e04a893f11f492b545664ffc8c0220d65ea6e1d3556b37117352d1
SHA512

1c2e2b297fef3d33ce0bacdbceca850a84fa7f4a25ee8f59b5f6a3833f9917f3b465c0fc0f5d4bbeb465f0edebeaf8f035a9af54ef757912e00c90919381ab08
SSDEEP

3072:7b13odofvnWlOhv9uP21+gmpuoqUfGC9LEj7WQIy1:f138OvnWgR9ue1+gmJfGygj7Wl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab7e1307a2da3b60e9bd1db3a7e01cbe

Files

ab7e1307a2da3b60e9bd1db3a7e01cbe
.exe windows:4 windows x86 arch:x86

137487b0f2b66507e3aabc43e7553d33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
OutputDebugStringA
VirtualAlloc
Beep
VirtualProtect
ExitThread
GetProcAddress
_lclose
GetWindowsDirectoryA
GetModuleHandleA
FreeLibrary
lstrlenA
GetLastError
WriteConsoleW
GetModuleHandleW
VirtualFree
FindFirstFileW
HeapAlloc
BeginUpdateResourceA
LoadLibraryW
GetStringTypeW

msvcrt

wcscpy
__p__fmode
_wcmdln
_vsnprintf
memcpy
isalpha
_snwprintf
_purecall
_adjust_fdiv
_controlfp
_iob
strncpy
__winitenv
__dllonexit
_wtol
_ftol
swscanf
__p__commode
_c_exit
wcscat
_exit
wcslen
__CxxFrameHandler
is_wctype
memset
wcschr
_except_handler3
wcscmp
free
swprintf
_cexit
__initenv
malloc

opengl32

glColor4f
glColor4i
glTexCoord2d
glFogfv
glColor4d
glTexCoord2dv
glColor3ui
wglShareLists
glStencilMask
GlmfBeginGlsBlock

shell32

ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetFileInfoW

user32

ScreenToClient
LoadCursorA
DialogBoxParamA
GetMenuItemCount
SetScrollPos
CheckDlgButton
LoadImageW
ReleaseDC
ReleaseCapture
SetCapture
BeginPaint
LoadCursorW
wsprintfW
GetProcessWindowStation
GetParent
MapWindowPoints
DispatchMessageW
ClientToScreen
CopyRect
LoadMenuW
GetCursorPos
UnregisterClassW
IsWindow
SendMessageW
UpdateLayeredWindow
SendMessageA
DestroyWindow
RegisterClassA

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

137487b0f2b66507e3aabc43e7553d33

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

opengl32

shell32

user32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 118B

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 162B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 118B

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 162B