c7190eebdcf5e2c6b2205ad257cfeebb

Sharing

Copy URL Twitter E-mail

General

Target

c7190eebdcf5e2c6b2205ad257cfeebb
Size

360KB
MD5

c7190eebdcf5e2c6b2205ad257cfeebb
SHA1

339766fbb6693562d9dcb292cc4ef35ad7c3d1d3
SHA256

22e1c9a4d7f939761aa9c171e4828e5e015909dc0527d41eec720da23f3be3f7
SHA512

bd73a799d5c6042e6f4659cb90100052168b25c5c8cc909296bfa6a674da68aa3e0682fc286dd1ffb281b126bf3d512d7d46ca895322ad215cc2a33bb654af72
SSDEEP

6144:NpfYW3Lyshob/0G5QrgjUXF2JH0a2OAa8M5naq:gRsWbMeQ+uFNZOA+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7190eebdcf5e2c6b2205ad257cfeebb

Files

c7190eebdcf5e2c6b2205ad257cfeebb
.exe windows:4 windows x86 arch:x86

b09e5552a858bdfaff55169b2c77ad5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetEnvironmentStrings
SetConsoleCtrlHandler
GetCurrentThreadId
GetConsoleOutputCP
ExitProcess
GetProcessHeap
HeapFree
TlsGetValue
LeaveCriticalSection
GetTimeFormatA
WideCharToMultiByte
GetCurrentThread
WaitNamedPipeA
GetConsoleMode
CompareStringA
SetEnvironmentVariableA
SetHandleCount
GetTimeZoneInformation
LCMapStringA
HeapCreate
ReadFile
SetStdHandle
LCMapStringW
GetStdHandle
OpenMutexA
VirtualQuery
CompareStringW
GetModuleHandleA
GetMailslotInfo
TlsAlloc
CloseHandle
GetVersionExA
TlsSetValue
CreateMutexA
WriteConsoleW
VirtualFree
IsValidLocale
FreeEnvironmentStringsA
IsDebuggerPresent
GetLocaleInfoW
EnumSystemLocalesA
IsValidCodePage
GetFileType
EnterCriticalSection
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
SetLastError
FreeEnvironmentStringsW
VirtualAlloc
RtlUnwind
WriteFile
Sleep
WriteConsoleA
InterlockedExchange
GetStartupInfoA
GetModuleFileNameA
TlsFree
UnhandledExceptionFilter
GetTickCount
GetCurrentProcess
InitializeCriticalSection
MultiByteToWideChar
GetStringTypeW
HeapSize
CreateFileA
GetEnvironmentStringsW
HeapAlloc
GetCommandLineA
SetFilePointer
HeapReAlloc
InterlockedIncrement
DeleteCriticalSection
FlushFileBuffers
SetConsoleTextAttribute
GetUserDefaultLCID
InterlockedDecrement
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeA
HeapDestroy
GetConsoleCP
GetProcAddress
GetSystemTimeAsFileTime
TerminateProcess
FreeLibrary
GetCurrentProcessId
LoadLibraryA
GetLastError
GetDateFormatA

comctl32

InitCommonControlsEx

shell32

DoEnvironmentSubstW
RealShellExecuteW

wininet

InternetGetConnectedStateEx

advapi32

CryptSetProviderExW
LookupAccountSidA
LookupPrivilegeValueA
RegOpenKeyExW
RegQueryValueExA
RegEnumValueA
RegCloseKey
CryptSetProviderA
RegDeleteKeyA
CryptEnumProviderTypesA
LookupAccountSidW
CryptDecrypt
RegDeleteKeyW

user32

ValidateRgn
CharLowerBuffW
PackDDElParam
CreateCursor
DlgDirSelectComboBoxExA
GetCursorInfo
EnumDesktopsW
MessageBoxIndirectA
GetInputState
MsgWaitForMultipleObjects
ExitWindowsEx
EnumChildWindows
OpenIcon
SetClassLongA
RegisterClassExA
GetKeyNameTextA
GetDC
SetWindowRgn
RegisterClassA
GetComboBoxInfo
LoadBitmapW
GetProcessWindowStation
CountClipboardFormats
IsDlgButtonChecked
GetKeyNameTextW
EnumDisplaySettingsExW

comdlg32

GetOpenFileNameW

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b09e5552a858bdfaff55169b2c77ad5c

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

wininet

advapi32

user32

comdlg32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 10KB - Virtual size: 35KB

.data Size: 150KB - Virtual size: 149KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 10KB - Virtual size: 35KB

.data
Size: 150KB - Virtual size: 149KB

.rsrc
Size: 9KB - Virtual size: 8KB