c7373b7a62c88abcd51a1ff7aa0ad597

Sharing

Copy URL Twitter E-mail

General

Target

c7373b7a62c88abcd51a1ff7aa0ad597
Size

174KB
MD5

c7373b7a62c88abcd51a1ff7aa0ad597
SHA1

157cfd8464f85abe1fe915a595a326378e7cc06f
SHA256

14561f8b83904e7693e3eaefff4b1a4bbbc90312749c24dedaba1fc217912ec1
SHA512

2ccf94a22a18f40ef39f95a9083b2dd5343d229a9728fbb8bb3a191c0090a8776aababfd2c89a99b8ed04abcb7d37c116e665595a0835382bb997c854d86ea0d
SSDEEP

3072:W3eQbKB5Q0s+4996YdcjayHb8rfDh9NxHxAWWgujogm2uuCzJk7Qnr7ymv:W33bUQ0sX6KeHb8ldigHB9BOQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7373b7a62c88abcd51a1ff7aa0ad597

Files

c7373b7a62c88abcd51a1ff7aa0ad597
.exe windows:4 windows x86 arch:x86

28bbb41b5ccbc50c0eea7d428dd6b1df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GlobalAlloc
GetShortPathNameW
WideCharToMultiByte
CreateFileMappingA
GetTickCount
GetProcessAffinityMask
WriteFile
SetFilePointer
Sleep
UnmapViewOfFile
LocalFree
GetFileSize
DisableThreadLibraryCalls
EnumResourceTypesW
ReadFile
GlobalFree
GetFileAttributesA
GlobalSize
LocalAlloc
CreateFileW
CreateFileA
MapViewOfFile
CloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

gdi32

GetDeviceCaps
DeleteObject
SelectPalette
SetStretchBltMode
DeleteDC
CreateFontA
CreateDIBitmap
GetDIBits
StretchDIBits
BitBlt
GetStockObject
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
GetObjectA
RealizePalette
ExtEscape
CreateDIBSection
CreateCompatibleDC
SetBkMode

ole32

CoTaskMemAlloc
CoSetProxyBlanket
CreateItemMoniker
CreateBindCtx
StgOpenStorage
StgCreateDocfile
GetRunningObjectTable
CoUninitialize
StringFromGUID2
CoTaskMemRealloc
CoGetClassObject
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
OleLockRunning
CoInitialize
CoTaskMemFree
CLSIDFromProgID
StgIsStorageFile
CoInitializeSecurity
OleUninitialize
BindMoniker
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

user32

IsChild
GetParent
CharNextA
wvsprintfA
LoadCursorA
GetDesktopWindow
GetDlgItem
RegisterClassExA
DestroyAcceleratorTable
InvalidateRgn
ShowWindow
CreateDialogParamA
wsprintfA
SendMessageTimeoutA
GetDC
KillTimer
CreateAcceleratorTableA
CreateWindowExA
IsWindow
ReleaseCapture
FindWindowA
BeginPaint
FillRect
GetWindowTextA
DestroyWindow
UnregisterClassA
DispatchMessageA
SendMessageA
GetFocus
PostMessageA
EqualRect
PostThreadMessageA
SetParent
EndPaint
RedrawWindow
GetWindowRect
GetSysColor
SetWindowLongA
SetWindowTextA
CallWindowProcA
GetClassNameA
GetQueueStatus
GetWindow
GetClientRect
DefWindowProcA
GetActiveWindow
GetWindowLongA
SetCapture
GetClassInfoExA
InvalidateRect
MoveWindow
DrawTextA
RegisterWindowMessageA
SetRect
GetWindowTextLengthA
CopyRect
SetTimer
SetFocus
MsgWaitForMultipleObjects
ReleaseDC
EnumDisplayDevicesA
PeekMessageA
SendNotifyMessageA
SetWindowPos

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFileICM
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCloneImage

advapi32

RegQueryInfoKeyA
CryptEncrypt
RegSetValueExA
CryptReleaseContext
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
CryptAcquireContextA
RegCloseKey
CryptDestroyKey
CryptGetHashParam
CryptHashData
CryptDestroyHash
RegCreateKeyExA
CryptCreateHash
CryptImportKey
RegDeleteKeyA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28bbb41b5ccbc50c0eea7d428dd6b1df

Headers

File Characteristics

Imports

setupapi

kernel32

version

shell32

winmm

gdi32

ole32

shlwapi

user32

wininet

gdiplus

advapi32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 244KB