b7d2ef3b6ef3bd07844563af162385f8

Sharing

Copy URL Twitter E-mail

General

Target

b7d2ef3b6ef3bd07844563af162385f8
Size

174KB
MD5

b7d2ef3b6ef3bd07844563af162385f8
SHA1

603c861641eac8098b70b0720f7c13d72473c5be
SHA256

08a42b65fdb8aecc399b248d4e69c79a2cf4394bbe06b382587259c26b5b004a
SHA512

3f3ae39fd9e85929e08dfac56e22e63aa20cf2bbcd000801b28ed2658cde7595ba82b2c73b4ac3683bda80ecae7c46317eda29332bb3d0166385d5a263340f43
SSDEEP

1536:PtMcRchAdBP1qo4IDKgKR/hZPO+kwfzSjviHnp7Y80Cp42Qdw:tcGeCDK7BQ6GjviHnp7Y80CpRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7d2ef3b6ef3bd07844563af162385f8

Files

b7d2ef3b6ef3bd07844563af162385f8
.exe windows:1 windows x86 arch:x86

2ab579534fb87f6aba40504683ea36f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
FreeSid
GetTokenInformation
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
AdjustTokenPrivileges
OpenProcessToken
RegCloseKey
RegQueryValueExA
AddAccessAllowedAce
RegCreateKeyExW
AddAccessAllowedAce
AddAccessAllowedAce
RegCreateKeyExA
RegSetValueExW
RegOpenKeyW
GetLengthSid
AddAccessAllowedAce
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
CloseServiceHandle
RegCloseKey
RegCreateKeyExA
InitializeAcl
CloseServiceHandle
InitializeSecurityDescriptor
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
AddAccessAllowedAce
RegEnumValueW
AddAccessAllowedAce
RegEnumKeyExW
RegSetValueExA
RegEnumKeyExW
RegCreateKeyExA
InitializeAcl
RegCreateKeyExW
FreeSid
RegQueryValueExW
AllocateAndInitializeSid
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegSetValueExA
RegEnumKeyExW
RegQueryValueExW
InitializeSecurityDescriptor
RegSetValueExA
RegQueryInfoKeyW
GetTokenInformation
GetLengthSid
InitializeSecurityDescriptor
RegOpenKeyW
RegSetValueExA
OpenProcessToken
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyW
GetLengthSid
AllocateAndInitializeSid
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA

user32

IsIconic
InvalidateRect
GetCursorPos
GetMenu
ScreenToClient
LoadMenuW
DefWindowProcW
LoadAcceleratorsW
SetTimer
SendDlgItemMessageW
DispatchMessageA
IsWindowVisible
LoadMenuW
SystemParametersInfoW
GetMessageW
KillTimer
GetDesktopWindow
EndDialog
GetDesktopWindow
DestroyWindow
GetWindowLongW
LoadIconW
TranslateMessage
FillRect
EndDialog
MessageBoxA
SendMessageW
SystemParametersInfoW
GetClientRect
ReleaseCapture
IsDlgButtonChecked
PeekMessageW
CheckDlgButton
GetFocus
DispatchMessageW
LoadIconW

kernel32

GetLastError
GetCurrentProcessId
CloseHandle
UnhandledExceptionFilter
LoadLibraryW
LoadLibraryA
DeleteCriticalSection
VirtualFree
SetEvent
InitializeCriticalSection

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ab579534fb87f6aba40504683ea36f2

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 3KB - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

�vmp0 Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�vmp0
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB