b7ef1006796a489760631c9e1841109a

General

Target

b7ef1006796a489760631c9e1841109a
Size

21KB
MD5

b7ef1006796a489760631c9e1841109a
SHA1

f70fe669cee5b1f5bb0f30049838fd82fe6d8b89
SHA256

c26c16ca10c6516f58f84d3124a54b28ce56f8d72e2558431909ad376ac0a266
SHA512

f33c0de072a3f0b93244eb83774eef43f84fcb4bf09470f89bcaa51d08f030d2044c762c89ca16c44d884eaa3a671aaab3e43bb55441955b261772dd01dc1cc5
SSDEEP

384:oxmyNooO7fZUhzwjeSLsUKTSRD4v4cuqXBnazTs1Yqs:am3oO8zmevm4vj3xaHsE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7ef1006796a489760631c9e1841109a

Files

b7ef1006796a489760631c9e1841109a
.dll windows:4 windows x86 arch:x86

d3d0623eb307df8a048683d08f5aaff2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
OutputDebugStringA
Sleep
GetCurrentProcess
GetModuleHandleA
HeapAlloc
WideCharToMultiByte
GetPrivateProfileStringA
TerminateProcess
OpenProcess
GetFileAttributesW
ReadProcessMemory
VirtualQueryEx
DeleteFileA
GetTempPathA
LoadLibraryA
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
CloseHandle
GetFileSize
GetModuleFileNameA
CreateThread

user32

wsprintfA
GetDC
GetWindowRect
GetWindow
GetClassNameW

wininet

InternetCloseHandle

msvcrt

_strupr
_strcmpi
free
strcpy
memset
malloc
strncpy
memcpy
_except_handler3
strrchr
strlen
strcat
_local_unwind2
strstr
_stricmp
fopen
strcmp
_vsnprintf
sprintf
??3@YAXPAX@Z
wcscmp
??2@YAPAXI@Z
ftell
fseek
mbstowcs
wcslen
wcsncat
wcscpy
wcsstr
exit
printf
rand

gdiplus

GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders

gdi32

DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3d0623eb307df8a048683d08f5aaff2

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

gdiplus

gdi32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB