b71d77b77a1096484eee81b242597b88

Sharing

Copy URL

Twitter E-mail

General

Target

b71d77b77a1096484eee81b242597b88
Size

139KB
MD5

b71d77b77a1096484eee81b242597b88
SHA1

2e00666dfd93ce64c2a6fcc569a2ac51661a99ff
SHA256

802643ebf8d95cd73237974ec93fa921f43bde41700243fe13c7eba782b0ff14
SHA512

119d6a3aaf77fa2c37a4287121a1657a238ebb96574a1763a2a45f134f2492712fd818874a5742f5ea269afa01c9d69a263f1b4d9e925db396cf1a2f0848582c
SSDEEP

3072:VlX2JTJkdcPpWlZpP3E/rykzBKRnEHPGK/7tvAi4P:V20WOETNBTxzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b71d77b77a1096484eee81b242597b88

Files

b71d77b77a1096484eee81b242597b88
.exe windows:5 windows x86 arch:x86

7cf843f5302eeaa103474f51985421e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetModuleHandleA
GetWindowsDirectoryA
UnmapViewOfFile
Sleep
QueryPerformanceFrequency
VirtualProtect
GetFileAttributesA
GetCurrentProcess
FlushFileBuffers
GetComputerNameA
WaitForMultipleObjects
FindClose
GetThreadLocale
VirtualQueryEx
SizeofResource
DeleteCriticalSection
ReadFile
MapViewOfFileEx
SetLastError
GetFileAttributesW
VirtualFree
WriteFile
CloseHandle
GlobalAlloc
lstrlenW
GetACP
SetThreadAffinityMask
CreateFileMappingA
GlobalMemoryStatus
CreateDirectoryA
GetVersion
GetExitCodeThread
LocalFree
TerminateProcess

kbdhddlg

_LDenorm
_Tolower
_Getcvt
_Eps
_FRteps
_FEps
_Wcrtomb

gdi32

GetPaletteEntries
CreateCompatibleDC
SetTextColor
ExtCreatePen
FrameRgn
RectVisible
GetWinMetaFileBits
OffsetRgn
CreateCompatibleBitmap
SetTextAlign
FillRgn
GetCurrentObject
LPtoDP
LineTo
EnumFontsA
SelectPalette

version

GetFileVersionInfoSizeA

user32

ToAscii
SetWindowPos
CharLowerBuffA
DefMDIChildProcA
UnhookWindowsHookEx
GetSubMenu
DestroyMenu
RedrawWindow
SetWindowsHookExA
PostThreadMessageA
DrawIconEx
EmptyClipboard
GetWindow
CreatePopupMenu
TrackPopupMenu
CallWindowProcA
CreateIcon
SetMenuItemInfoW
IntersectRect
InvalidateRect
BeginDeferWindowPos
CharLowerA
GetClipboardFormatNameA
EqualRect
ScrollWindow
HideCaret
IsWindowVisible
SystemParametersInfoA
CallNextHookEx
SubtractRect
SetWindowsHookExW
GetClassNameW
ShowScrollBar

wininet

HttpOpenRequestA
InternetOpenA
InternetCloseHandle
InternetCombineUrlA

comdlg32

ChooseFontA

comctl32

ImageList_DragEnter
ImageList_Replace
ImageList_GetDragImage
ImageList_EndDrag
ImageList_SetIconSize
ImageList_DragLeave

ole32

CoTaskMemFree
RevokeDragDrop
CoCreateGuid
OleUninitialize

advapi32

InitializeSecurityDescriptor
RegCreateKeyExA
SetSecurityDescriptorDacl

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
GetErrorInfo

shell32

DragAcceptFiles

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cf843f5302eeaa103474f51985421e8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

kbdhddlg

gdi32

version

user32

wininet

comdlg32

comctl32

ole32

advapi32

oleaut32

shell32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 21KB - Virtual size: 24KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 2KB - Virtual size: 4KB