b7e59b34ca0ee61e90298dfb1f8e4ac9

Sharing

Copy URL Twitter E-mail

General

Target

b7e59b34ca0ee61e90298dfb1f8e4ac9
Size

552KB
MD5

b7e59b34ca0ee61e90298dfb1f8e4ac9
SHA1

2887d971465b5eef63f69317acf2aabf7a5bad13
SHA256

55e8a336e655a1d514375e4bb222bedf1d741261f8a77f2d3c05c868f36d7a66
SHA512

c92e366c9a9aab27034448020695337665b7221da23afd77942478dec6235b85ea79aa896ce3f3005b394298cf728b73577580989b574f3bde78e0ccd8deaa70
SSDEEP

12288:SEqm0EfRGbzcb03XLJFKERIXjao7wfdEh5SHomBh0zD94w:RRf0MbWNiwFE/G7Bh0d1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7e59b34ca0ee61e90298dfb1f8e4ac9

Files

b7e59b34ca0ee61e90298dfb1f8e4ac9
.exe windows:4 windows x86 arch:x86

b719d986c01bb42403a541783b4d82ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

HeapCreate
GetCurrentProcess
SetLastError
TlsGetValue
DeleteCriticalSection
EnumSystemCodePagesW
VirtualQuery
SetHandleCount
FlushFileBuffers
GetStartupInfoA
HeapReAlloc
HeapSize
EnumSystemCodePagesA
GetSystemTimeAsFileTime
GetLocaleInfoW
GetTimeFormatA
UnhandledExceptionFilter
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsA
HeapFree
LeaveCriticalSection
ExitProcess
CompareStringW
CreatePipe
GetCurrentProcessId
GetCurrentThread
FreeEnvironmentStringsW
GetDateFormatA
VirtualProtect
GetEnvironmentStringsW
GetTimeZoneInformation
GetOEMCP
GetStringTypeW
EnterCriticalSection
ReadFile
GetLocaleInfoA
LCMapStringW
WriteFile
SetEnvironmentVariableA
GetCommandLineW
TlsFree
GetVersionExA
CompareStringA
CloseHandle
InitializeCriticalSection
GetStdHandle
SetFilePointer
IsValidLocale
GetFileType
GetStringTypeExW
GetTickCount
GetEnvironmentStrings
LoadLibraryA
TerminateProcess
GetLastError
GetStringTypeA
LCMapStringA
OpenMutexA
GetUserDefaultLCID
InterlockedExchange
GetCPInfo
GetModuleFileNameW
RtlUnwind
GetStartupInfoW
GetModuleHandleA
OpenProcess
TlsSetValue
GetSystemInfo
GetCurrentThreadId
MultiByteToWideChar
GetCommandLineA
TlsAlloc
SystemTimeToFileTime
VirtualAlloc
IsValidCodePage
IsBadWritePtr
GetModuleFileNameA
HeapAlloc
EnumSystemLocalesA
GetNamedPipeInfo
VirtualFree
HeapDestroy
GetACP
GetProcAddress
CreateMutexA
SetConsoleTextAttribute
QueryPerformanceCounter

user32

DefDlgProcW
DeleteMenu
MenuItemFromPoint
IsCharLowerA
GetDialogBaseUnits
DrawMenuBar
ChildWindowFromPoint
AdjustWindowRectEx
RegisterClassA
RegisterClassExA
SetMenuDefaultItem
DdeNameService

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b719d986c01bb42403a541783b4d82ee

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 221KB - Virtual size: 221KB

.rdata Size: 7KB - Virtual size: 22KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 221KB - Virtual size: 221KB

.rdata
Size: 7KB - Virtual size: 22KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 5KB - Virtual size: 4KB