b7471f9c441323c313befc1597214ee4

Sharing

Copy URL Twitter E-mail

General

Target

b7471f9c441323c313befc1597214ee4
Size

406KB
MD5

b7471f9c441323c313befc1597214ee4
SHA1

0c53f6f2f879d1fadf39c7d9bd05fb131da47872
SHA256

9548e0ad99d05f3d38853d6b9cefcbc5512c671d121aefb9070cccfe6dde1af4
SHA512

4d272259bfca77eed236f8689f7ecc1e04396f2057290bd4294cb902f38674f2535f5f9fa580ac49801d3837af99686b2790fd595313dd575bfed693c375100d
SSDEEP

6144:VF+1vXWD+6kP/ZWvJ4x5g9+dpwdI0ApipZ6firdJhDfOkJjmDIqvP6:YOfkMvJ44MNpQZ6fqJnJjyHP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7471f9c441323c313befc1597214ee4

Files

b7471f9c441323c313befc1597214ee4
.exe windows:4 windows x86 arch:x86

01a3838fb750be8f4e3ae5a56f4f34f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

gdi32

SetICMProfileW

shell32

ShellExecuteW
DragFinish
SHChangeNotify
SHUpdateRecycleBinIcon
RealShellExecuteExA
SHInvokePrinterCommandA
SheGetDirA
CommandLineToArgvW
SHFileOperationW
ShellAboutW
InternalExtractIconListW
SHEmptyRecycleBinA

comdlg32

ReplaceTextA
FindTextW
PrintDlgW
PageSetupDlgA
ChooseFontA
PageSetupDlgW
GetFileTitleW
GetOpenFileNameW
FindTextA
ReplaceTextW
LoadAlterBitmap
ChooseColorA

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
lstrlenA
LoadLibraryA
SystemTimeToFileTime
InterlockedIncrement
GetFileType
GetStringTypeA
GetStdHandle
GetLocaleInfoW
HeapFree
QueryPerformanceCounter
ConnectNamedPipe
VirtualFree
FreeEnvironmentStringsA
GetCommandLineA
IsDebuggerPresent
InterlockedDecrement
GetStartupInfoA
CreateDirectoryA
SetConsoleCP
HeapSize
HeapAlloc
GetProcessHeap
CreateThread
TerminateProcess
LocalCompact
LCMapStringW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
CompareStringW
InitializeCriticalSection
FreeEnvironmentStringsW
CreateMailslotW
VirtualQuery
HeapCreate
FindResourceExA
SetHandleCount
CompareStringA
TlsGetValue
SetConsoleCtrlHandler
IsValidLocale
GetTickCount
GetCPInfo
IsValidCodePage
EnumSystemLocalesA
GetStringTypeW
GetLocaleInfoA
FreeLibrary
ReadConsoleOutputW
GetCurrentProcessId
Sleep
GetCurrentThread
GetCurrentProcess
FindFirstFileExW
TlsAlloc
ReleaseMutex
InterlockedExchange
GetLastError
ResetEvent
EnterCriticalSection
GetTimeFormatA
SetEndOfFile
TlsFree
GetUserDefaultLCID
HeapReAlloc
GetEnvironmentStrings
SetLastError
GetModuleHandleA
GetOEMCP
CreateToolhelp32Snapshot
GetCurrentThreadId
GetACP
GetProcAddress
VirtualAlloc
GetDateFormatA
WideCharToMultiByte
LeaveCriticalSection
GetVersionExA
GetModuleFileNameA
RtlUnwind
WriteFile
GetSystemTimeAsFileTime
LCMapStringA
EnumResourceTypesA
MultiByteToWideChar
TlsSetValue
ExitProcess
HeapDestroy
GetEnvironmentStringsW
SetEnvironmentVariableA
DeleteCriticalSection

user32

DdeConnect
CreateIconFromResourceEx
DdeCreateStringHandleA
LoadIconW
CloseDesktop
ChildWindowFromPointEx
AdjustWindowRect
DlgDirSelectComboBoxExW
ToUnicodeEx
IsCharUpperA
IsRectEmpty
DefMDIChildProcA
GetCursorInfo
GetClassInfoExA
PostThreadMessageA
SetScrollPos
DefDlgProcW
OffsetRect
CountClipboardFormats
LoadCursorFromFileA

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01a3838fb750be8f4e3ae5a56f4f34f7

Headers

File Characteristics

Imports

advapi32

gdi32

shell32

comdlg32

kernel32

user32

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 274KB - Virtual size: 290KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 274KB - Virtual size: 290KB

.rsrc
Size: 8KB - Virtual size: 7KB