b7217bc940f1261c26b685e7e6b2774f

Sharing

Copy URL

Twitter E-mail

General

Target

b7217bc940f1261c26b685e7e6b2774f
Size

488KB
MD5

b7217bc940f1261c26b685e7e6b2774f
SHA1

0fc2b97b1d2272253b8b11f64360a9781d3d5f29
SHA256

6683d98ead862c9abfe1e0327cd38a01fde84e7cc9b8a9eca3f18bc0ece86903
SHA512

c72b49da588fee91303c23df285aed5bb53275d81533c2a34f2063dd3bbb487e68bd0ba865bba605497b0d96001632decdaadb47089cab0841ee5c6b4ed6e918
SSDEEP

12288:cgyPPjgtC2FwifSVxRvWwNCal6KO1+LJcF2cJP+6:cnPP0tCYmxZvO1WJcF/G6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7217bc940f1261c26b685e7e6b2774f

Files

b7217bc940f1261c26b685e7e6b2774f
.exe windows:4 windows x86 arch:x86

cce0ad5d0cd770c3f21c5f60f62af828

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

wininet

InternetUnlockRequestFile
GopherGetAttributeW
FtpPutFileEx
InternetQueryOptionA
HttpQueryInfoW
InternetSetOptionExA
InternetSecurityProtocolToStringA
FtpRemoveDirectoryA
CreateUrlCacheContainerW

gdi32

RemoveFontResourceA
SaveDC
SetLayout
ExtFloodFill
GetTextExtentPointW
EnumICMProfilesW
GetPaletteEntries
GetCharWidthFloatW
Chord
Polygon
CreateRectRgn
FrameRgn
GetBkMode
PlgBlt
FixBrushOrgEx
ExtSelectClipRgn
GetBrushOrgEx
EnumEnhMetaFile

shell32

ShellExecuteA
SHInvokePrinterCommandW

kernel32

WritePrivateProfileSectionW
GetStringTypeW
ExitProcess
InterlockedIncrement
TlsGetValue
VirtualQuery
ReadFile
CloseHandle
GetModuleFileNameW
QueryPerformanceCounter
FindResourceExA
RtlUnwind
HeapFree
OpenMutexA
lstrcat
GetEnvironmentStringsW
EnumDateFormatsW
HeapReAlloc
HeapCreate
FindClose
LCMapStringA
GetTickCount
IsBadWritePtr
InterlockedExchange
LockResource
GetCommandLineA
WritePrivateProfileSectionA
GetLocalTime
CreateMutexA
CompareStringW
GetCurrentProcess
TlsAlloc
SetConsoleWindowInfo
WriteFile
LeaveCriticalSection
GetProcAddress
WriteConsoleInputW
TlsFree
CreateMailslotW
VirtualAlloc
AddAtomA
GetStringTypeA
OpenWaitableTimerA
SetConsoleMode
FreeEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
WritePrivateProfileStructW
GetTimeZoneInformation
SetHandleCount
HeapDestroy
CompareStringA
LCMapStringW
GetStdHandle
LoadLibraryA
SetEnvironmentVariableA
GetCPInfo
InterlockedDecrement
DeleteCriticalSection
UnhandledExceptionFilter
GetLastError
GetDiskFreeSpaceW
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
FindAtomW
GetStartupInfoA
GetEnvironmentStrings
FindAtomA
GetCurrentThreadId
HeapAlloc
GetSystemTimeAsFileTime
WritePrivateProfileStructA
SetStdHandle
GetFileType
SetConsoleTitleW
GetExitCodeProcess
GetCurrentThread
DeleteFiber
InitializeCriticalSection
VirtualFree
GetCurrentProcessId
TerminateProcess
GetSystemTime
FlushFileBuffers
GetModuleFileNameA
SetFilePointer
GlobalFix
GetCommandLineW
TlsSetValue
EnterCriticalSection
GetVersion
GetModuleHandleA
SetLastError
GetStartupInfoW

user32

RegisterClassExA
WaitMessage
DefMDIChildProcA
GetDCEx
GetScrollRange
SetRect
DestroyCursor
RegisterClassA
InternalGetWindowText
DispatchMessageW
ImpersonateDdeClientWindow
DdeDisconnectList
IsWindowEnabled
GetClassLongW
GetWindowModuleFileNameA
IsMenu
ShowWindowAsync
AdjustWindowRect
DdeGetData
ToAscii
LoadImageW

comdlg32

PageSetupDlgW

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce0ad5d0cd770c3f21c5f60f62af828

Headers

File Characteristics

Imports

comctl32

wininet

gdi32

shell32

kernel32

user32

comdlg32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 5KB - Virtual size: 34KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 5KB - Virtual size: 34KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 9KB - Virtual size: 8KB