7b1d50073e6d3631267f2bbb986fb1faffddc5fc72d6bc23e10b5920a6f365b4

Sharing

Copy URL Twitter E-mail

General

Target

7b1d50073e6d3631267f2bbb986fb1faffddc5fc72d6bc23e10b5920a6f365b4
Size

1.3MB
MD5

f36aed816d9027cee4ce53e22f027616
SHA1

355cc355b00e3946bdc318af2f844e8e5fceef05
SHA256

7b1d50073e6d3631267f2bbb986fb1faffddc5fc72d6bc23e10b5920a6f365b4
SHA512

bba87352556dc4cdd9ec0b64892b77b6444f8a83f8cf93ac31346882be1d82d40a7465cb5d1de9c2f19b7d2c0aa5830f991448eb8a656fc53cde9f227f293ee2
SSDEEP

24576:eQVYwbydnCL4SzKTGZkMFvpjoyAGn0VtSOCMwfIVSbIMNf1G9Q/k//Ioz3q:phL4SKVQBobGn0u15ICb1Ga+76

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b1d50073e6d3631267f2bbb986fb1faffddc5fc72d6bc23e10b5920a6f365b4

Files

7b1d50073e6d3631267f2bbb986fb1faffddc5fc72d6bc23e10b5920a6f365b4
.exe windows:5 windows x86 arch:x86

06a3db3c1809b75972f282077013401d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance

user32

LoadIconW
TranslateMessage
MessageBoxW
SetWindowTextW
EnableWindow
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
IsDialogMessageW
DispatchMessageW
PeekMessageW
ExitWindowsEx
SendMessageW
DestroyWindow
ShowWindow
CreateDialogParamW
GetMessageW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW

shell32

SHGetPathFromIDListW
SHGetFolderPathW
SHBrowseForFolderW

kernel32

RtlUnwind
TerminateProcess
GetStartupInfoW
Sleep
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
FreeLibrary
GetModuleHandleExW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
LoadLibraryExW
GetModuleHandleW
GetVersion
IsProcessorFeaturePresent
GetCommandLineW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
SetFileTime
GetLastError
GetCurrentProcess
GetSystemDirectoryW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageW
lstrcpyW
lstrcatW
lstrlenW
MoveFileExW
CreateFileW
ReadFile
SetFilePointer
WriteFile
CloseHandle

msvcrt

_initterm
__p__commode
_errno
_XcptFilter
__set_app_type
__getmainargs
_ismbblead
malloc
free
?_set_new_mode@@YAHH@Z
_msize
_control87
?terminate@@YAXXZ
realloc
_amsg_exit
memset
memcpy
memmove
memcmp
__CxxFrameHandler
_fmode
_acmdln

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06a3db3c1809b75972f282077013401d

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

advapi32

shell32

kernel32

msvcrt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 331KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 331KB

.rsrc
Size: 4KB - Virtual size: 3KB