b7a44a14782e1b2157e877044d621d3a

Sharing

Copy URL

Twitter E-mail

General

Target

b7a44a14782e1b2157e877044d621d3a
Size

400KB
MD5

b7a44a14782e1b2157e877044d621d3a
SHA1

2c4f08c0a13bf947e67bb8032b06a5b84d0e33f2
SHA256

34a6639399230caffa6ff5021de5e36aec0a4cb8fabc929f816603227c6d8fa6
SHA512

1ac96068e430deddd9fc740a8e99347649b99d2eba5a3f001a836195b79a7c0aa0b6e9bbf6168e412ed19bc56643ef739c53014af2c71b4eba8759e90ee62284
SSDEEP

12288:ndvYxZBAmjE7TbUj16EzFSbALHnNtebCgLWyL:ndvYHBDo7TMNzlbNI79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7a44a14782e1b2157e877044d621d3a

Files

b7a44a14782e1b2157e877044d621d3a
.exe windows:4 windows x86 arch:x86

2176cb36f5fef5a19dc167409e2b393b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchDIBits
GetCharABCWidthsFloatA
SetICMProfileA
SetSystemPaletteUse
RemoveFontResourceW
EnumMetaFile
SelectPalette
SetTextCharacterExtra
GetRegionData
SetWindowExtEx
CreateDCA
PlayEnhMetaFile
SetColorSpace
GetCharABCWidthsFloatW
EnumICMProfilesW

wininet

InternetConfirmZoneCrossing
FtpGetFileA
InternetSetOptionExA
DetectAutoProxyUrl
FtpOpenFileW
GetUrlCacheGroupAttributeA
FtpRemoveDirectoryA
FtpCommandW
InternetCrackUrlA
InternetOpenUrlA
FreeUrlCacheSpaceA
RetrieveUrlCacheEntryFileA
InternetSetDialStateW
GopherCreateLocatorW
FtpGetFileW
SetUrlCacheEntryGroupW

advapi32

CryptDuplicateKey
RegCreateKeyA
LookupPrivilegeValueA
LookupPrivilegeNameA
CryptDeriveKey
CryptDecrypt
ReportEventW
RegQueryValueA
RegSetValueExA
CryptReleaseContext
CryptCreateHash
RegOpenKeyExW
RegLoadKeyW
CryptGetHashParam
RegEnumKeyExA
LookupSecurityDescriptorPartsA
CryptEnumProviderTypesW

shell32

SHChangeNotify
ShellExecuteEx
SHFileOperationA
DragQueryFile
SheGetDirA
SHEmptyRecycleBinA
SHBrowseForFolderA
SHGetFileInfo
FreeIconList
ShellAboutA
ExtractAssociatedIconExA
FindExecutableW
ExtractIconExA
SheSetCurDrive
CheckEscapesW
SHAddToRecentDocs
ShellExecuteExW
DoEnvironmentSubstW
SHGetDataFromIDListA
SHFileOperationW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHQueryRecycleBinW
RealShellExecuteExW

kernel32

GetNamedPipeHandleStateA
HeapFree
LoadLibraryA
VirtualQuery
InterlockedExchange
OpenSemaphoreA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
VirtualAlloc
QueryPerformanceCounter
GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameA
GetTickCount
RtlUnwind
HeapReAlloc
ExitProcess
HeapAlloc

user32

SetWindowsHookExW
DialogBoxIndirectParamW
SetSysColors
CreateIconFromResource
EndPaint
CloseWindowStation
MapVirtualKeyW
DdeGetLastError
SwapMouseButton
MsgWaitForMultipleObjectsEx
LoadBitmapW
PostThreadMessageW
GetClassLongA
GetThreadDesktop
UnhookWinEvent
SendMessageA
GetMessagePos
ToAsciiEx

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2176cb36f5fef5a19dc167409e2b393b

Headers

File Characteristics

Imports

gdi32

wininet

advapi32

shell32

kernel32

user32

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 263KB - Virtual size: 263KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 263KB - Virtual size: 263KB

.rsrc
Size: 11KB - Virtual size: 11KB