b7fa8f9ac72861190cc157d89522a8b7

Sharing

Copy URL Twitter E-mail

General

Target

b7fa8f9ac72861190cc157d89522a8b7
Size

297KB
MD5

b7fa8f9ac72861190cc157d89522a8b7
SHA1

60decc43eca0e1d2ce0f125d3371fa23c220e10b
SHA256

34b01cea9693d4d39434c1dce5160ae21d45316a68c9c89235f15070edc3325e
SHA512

11d386e13dc988d7c1b4c1f5f28628a4df86ffff21d339ec84805e34bf7311808f278fe83b69c48d20f6ed3b6e564c9ed04597c2fef1c4fd4f84fc584e5fd9f7
SSDEEP

6144:Ialn3UP4qdIwvbDYaUOWx86NLM5yer87UTYLfTB4zmPyKar:bln3UP4qdFY/rfNL4z87UMfOzmKKar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7fa8f9ac72861190cc157d89522a8b7

Files

b7fa8f9ac72861190cc157d89522a8b7
.dll windows:4 windows x86 arch:x86

82385c6fb3b2699ea6dd614d238b4db7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recv
send

mfc42

ord2859
ord1640
ord2405
ord755
ord2971
ord470
ord2379
ord1146
ord1168
ord3402
ord3711
ord6128
ord4299
ord2112
ord5148
ord3752
ord4694
ord2864
ord5440
ord6383
ord5450
ord6394
ord783
ord540
ord800
ord939
ord926
ord4129
ord2764
ord941
ord537
ord858
ord924
ord860
ord2086
ord6199
ord2818
ord1253
ord342
ord1182
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2575
ord4396
ord3574
ord3719
ord793
ord609
ord616
ord656
ord2363
ord2301
ord2302
ord6334
ord4224
ord2642
ord3317
ord665
ord1979
ord6385
ord5186
ord354
ord798
ord1997
ord6648
ord2763
ord5465
ord5194
ord533
ord3610
ord2370
ord2582
ord4402
ord3370
ord3640
ord693
ord3996
ord6907
ord3286
ord6007
ord3998
ord5953
ord6663
ord692
ord6880
ord3092
ord922
ord5710
ord5572
ord2915
ord4202
ord5442
ord3318
ord6779
ord535
ord3097
ord5773
ord2289
ord6407
ord3803
ord3095
ord6646
ord2982
ord6111
ord5981
ord3874
ord2362
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord1641
ord3639
ord5951
ord4278
ord6874
ord3089
ord472
ord4133
ord4297
ord5788
ord2754
ord2567
ord2450
ord5875
ord1270
ord641
ord2513
ord293
ord3693
ord394
ord696
ord400
ord702
ord4191
ord915
ord5634
ord5628
ord3435
ord3441
ord4185
ord909
ord1949
ord3619
ord773
ord501
ord5600
ord3573
ord283
ord5789
ord2860
ord2776
ord5277
ord2452
ord1156
ord1126
ord826
ord4397
ord3352
ord4644
ord4217
ord2576
ord3577
ord4225
ord5263
ord4060
ord4123
ord3028
ord764
ord3797
ord824
ord324
ord4234
ord4710
ord6453
ord4204
ord2919
ord3754
ord3753
ord6403
ord3870
ord809
ord556
ord1088
ord2122
ord4160
ord6197
ord2714
ord5787
ord6358
ord3807
ord1176
ord4284
ord5053
ord1815
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord6021
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord823
ord5785
ord2753
ord6215
ord4275
ord2414
ord825
ord567
ord323
ord818
ord640
ord3742
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord4401
ord3147
ord4407
ord1776
ord4078
ord6055
ord3663
ord3571
ord3626
ord2299
ord4774

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
sprintf
isspace
isdigit
__CxxFrameHandler
_ultoa

kernel32

MulDiv
lstrcpyA
lstrcmpiA
GetCurrentThreadId
lstrcmpA
CreateDirectoryA
CreateFileA
_lcreat
Sleep
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetPrivateProfileStringA
DeleteCriticalSection
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
InitializeCriticalSection
DeleteFileA
SetFilePointer
CloseHandle
OpenFile
ReadFile
GetVersion

user32

SetTimer
IsWindow
GetDlgItem
UpdateWindow
GetWindowRect
GetSysColor
CreateCursor
GetSystemMetrics
DestroyCursor
InflateRect
InvalidateRect
ScreenToClient
ClientToScreen
DefWindowProcA
ReleaseCapture
PtInRect
ReleaseDC
GetWindowDC
WindowFromPoint
OffsetRect
EndPaint
DrawFocusRect
SetRect
BeginPaint
FillRect
ShowWindow
CreateWindowExA
SetCapture
RegisterClassA
UnregisterClassA
DestroyWindow
SetWindowTextA
GetWindowLongA
GetClassNameA
GetWindow
GetTopWindow
GetCursorPos
GetCapture
WindowFromDC
SetWindowLongA
CallWindowProcA
IsWindowEnabled
GetScrollInfo
SetRectEmpty
DrawIconEx
LoadBitmapA
DrawFrameControl
IsZoomed
EndDeferWindowPos
DeferWindowPos
EqualRect
BeginDeferWindowPos
SetParent
RedrawWindow
IntersectRect
IsRectEmpty
EnableScrollBar
TabbedTextOutA
DrawTextA
GrayStringA
KillTimer
PostMessageA
GetActiveWindow
GetFocus
IsChild
GetWindowTextA
FindWindowExA
FindWindowA
SetFocus
GetForegroundWindow
CallNextHookEx
IsWindowVisible
SetWindowPos
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA
EnableWindow
GetParent
SendMessageA
CopyRect
ShowScrollBar
CloseWindow
LoadCursorA
SetCursor
GetClientRect
GetDC

gdi32

SetBitmapBits
SetTextColor
GetObjectA
Polygon
CreateSolidBrush
GetMapMode
PtVisible
RectVisible
Escape
GetCurrentObject
CreatePen
SetPixel
GetDeviceCaps
CreateFontIndirectA
DeleteObject
SelectObject
MoveToEx
LineTo
GetStockObject
Rectangle
SetBkColor
ExtTextOutA
GetPixel
SetBkMode
TextOutA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A

Exports

Exports

SetHook

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82385c6fb3b2699ea6dd614d238b4db7

Headers

File Characteristics

Imports

wsock32

mfc42

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 27KB - Virtual size: 50KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 27KB - Virtual size: 50KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 22KB - Virtual size: 21KB