7df5fa473d633e8919964fd229dd216beef9a6c80442058204c7e072193a77a3

Sharing

Copy URL

Twitter E-mail

General

Target

7df5fa473d633e8919964fd229dd216beef9a6c80442058204c7e072193a77a3
Size

2.7MB
MD5

de20e223e5bb93b1b0ea2f0b4097bf04
SHA1

30c5deba145d3f3fc58336c01ce84011de654c07
SHA256

7df5fa473d633e8919964fd229dd216beef9a6c80442058204c7e072193a77a3
SHA512

749a2a83d3fe31e4c608d2fdebd7c6f232ca37fff253446ecb71cb907338653797a389e6800eb06c8a63b150f73269a45026f83667b4278dc3843fb7025e011f
SSDEEP

49152:LXfB3627Rn2WkyNiYGhH/nu8dGWUlJulpKmGGCvNXvPpsQp4F8vssVn:rZ362t2WkyNBgnu8QzUpK8CvNJp080un

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7df5fa473d633e8919964fd229dd216beef9a6c80442058204c7e072193a77a3

Files

7df5fa473d633e8919964fd229dd216beef9a6c80442058204c7e072193a77a3
.exe windows:4 windows x86 arch:x86

3bb8ce2d6d03b8b98aca2cd798355f8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
Sleep
GetTickCount
GetACP
GetOEMCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetSystemDefaultLCID
GetVersion
TerminateThread
GetExitCodeThread
WaitForSingleObject
Sleep
CloseHandle
GetSystemTimeAsFileTime
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
InitializeCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
LocalFree
CreateFileA
LocalAlloc
InterlockedDecrement
InterlockedCompareExchange
CreateMutexA
ReleaseMutex
FormatMessageA
GetLastError
GetVolumeInformationA
GetEnvironmentVariableA
CreateThread
GetProcAddress
LoadLibraryA
TlsSetValue
TlsGetValue
TlsAlloc
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetCurrentProcess
TlsFree
GetModuleHandleA
ReadFile
WriteFile
GetFileSize
FindClose
GetLocalTime
SetErrorMode
FindFirstFileA
FindNextFileA
GetModuleFileNameA
InterlockedIncrement
HeapReAlloc
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
GetVersion
GetModuleHandleA
GetProcAddress
CreateFileW

msvcrt

strncmp

setupapi

SetupDiEnumDeviceInfo

advapi32

GetUserNameA
RegEnumKeyW

comctl32

InitCommonControlsEx
InitCommonControlsEx

user32

IsWindow
ShowWindow
GetClassNameA
GetWindowThreadProcessId
GetWindow
SetWindowPos
GetDlgItem
UpdateWindow
SetWindowTextW
GetWindowTextW
GetClientRect
GetWindowRect
SendMessageA
EnumWindows
GetDesktopWindow
MessageBoxW
GetWindowLongA
SetWindowLongA
DefWindowProcA
MessageBoxA
IsRectEmpty

hasp_windows_107479

ord3

gdi32

OffsetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

shell32

ShellExecuteW

shlwapi

PathFindFileNameW

oledlg

OleUIBusyW

ole32

CLSIDFromString

oleaut32

VariantInit

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.protect
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3bb8ce2d6d03b8b98aca2cd798355f8c

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

advapi32

comctl32

user32

hasp_windows_107479

gdi32

comdlg32

winspool.drv

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 384KB - Virtual size: 382KB

.protect Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 384KB - Virtual size: 382KB

.protect
Size: 2.1MB - Virtual size: 2.1MB