c7480406ad531eec2da657bf414b755a

Sharing

Copy URL

Twitter E-mail

General

Target

c7480406ad531eec2da657bf414b755a
Size

128KB
MD5

c7480406ad531eec2da657bf414b755a
SHA1

363bda38029ec5143845922d3f244172b31173f8
SHA256

4f90dc3c438cd7cb3293aa0641c23906fb3e2b64fd92b9be2ec48a5f546858a8
SHA512

eedefa66695a414b50de82ac24e927db1eeea49c39d3e608444b3d91b4de58280578c9e1462329d9f0add38ff70d9d14ef4f359739f9c447bb13b51f45c66542
SSDEEP

3072:0aAtU91U1Z8Abx0Jew2ymXHbnnrwbngPZbTD05nG2xn0doo+0bU:tAtE1U1LbxUmXHbrwbn95GIC7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7480406ad531eec2da657bf414b755a

Files

c7480406ad531eec2da657bf414b755a
.exe windows:5 windows x86 arch:x86

1c3a3a9a46bce33c9cab43b8eeb55d68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

?IsWin98@CMdVersionInfo@@SAHXZ
?IsEmpty@CDoubleList@@QBE_NXZ
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
??0CSingleList@@QAE@XZ
?ReleaseVersionInfo@CMdVersionInfo@@SAXXZ
?ReadUnlock@CLKRLinearHashTable@@QBEXXZ
?SetDefaultSpinCount@CReaderWriterLock@@SGXG@Z
?SetBucketLockSpinCount@CLKRHashTable@@QAEXG@Z
??0CFakeLock@@QAE@XZ
?GetDefaultSpinCount@CFakeLock@@SGGXZ
UMSEnterCSWraper
?Unlock@CLockedDoubleList@@QAEXXZ
?TryWriteLock@CCritSec@@QAE_NXZ
??1CReaderWriterLock2@@QAE@XZ
?_CurrentThreadId@CSpinLock@@CGJXZ
?MaxSize@CLKRLinearHashTable@@QBEKXZ
?TryWriteLock@CReaderWriterLock@@QAE_NXZ
?WriteLock@CSmallSpinLock@@QAEXXZ
?sm_llGlobalList@CLKRHashTable@@0VCLockedDoubleList@@A
??1CLKRHashTable@@QAE@XZ
?SetSpinCount@CCritSec@@SGKPAPAVCCriticalSection@@K@Z
?SetDefaultSpinCount@CReaderWriterLock3@@SGXG@Z
mpRealloc
?WriteUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?RemoveTail@CDoubleList@@QAEQAVCListEntry@@XZ
?SetSpinCount@CReaderWriterLock3@@QAE_NG@Z

msvfw32

ICSeqCompressFrame
DrawDibBegin
GetOpenFileNamePreviewW
DrawDibClose
DrawDibProfileDisplay
ICGetInfo
ICSeqCompressFrameStart
DrawDibOpen
ICImageDecompress
GetSaveFileNamePreviewA
DrawDibRealize
DrawDibTime
ICDecompress
VideoForWindowsVersion
ICOpen
StretchDIB
GetSaveFileNamePreviewW
ICCompressorChoose
ICGetDisplayFormat
GetOpenFileNamePreviewA
DrawDibStop
DrawDibDraw
ICMThunk32
ICInstall
DrawDibChangePalette
GetOpenFileNamePreview
ICRemove
MCIWndCreate
MCIWndRegisterClass
DrawDibEnd
ICSendMessage
ICOpenFunction
ICSeqCompressFrameEnd
ICLocate
ICImageCompress

user32

BroadcastSystemMessage
GetMenuItemRect
SetSystemCursor
DialogBoxIndirectParamW
LockSetForegroundWindow
InsertMenuA
IMPSetIMEW
CharUpperA
IsDlgButtonChecked
CharNextW
UnionRect
MonitorFromRect
GetSysColor
GetMenuContextHelpId
CreateDialogIndirectParamA
MessageBoxIndirectW
EnumDisplaySettingsExW
CreateCaret
GetKeyboardLayoutNameW
CharLowerA
SetRectEmpty
VkKeyScanExW
EnumPropsW
ShowCaret
UpdateLayeredWindow
UnregisterMessagePumpHook
GetWindowTextA
RegisterWindowMessageW
GetWindowLongA
GrayStringW
GetWindowTextLengthW
DdeUninitialize
GetWindow
SetActiveWindow
SetDebugErrorLevel
OemToCharW
SetWindowsHookExW
TileChildWindows
GetSystemMenu
InsertMenuItemW
BlockInput
DlgDirSelectComboBoxExW
EmptyClipboard
SendDlgItemMessageW
GetSubMenu
DeferWindowPos
PeekMessageW
DispatchMessageW
SetWindowsHookW
GetCursor
SetSystemMenu
CharToOemBuffA
GetLastInputInfo
IsDialogMessage
SetMenuDefaultItem
GetMenuItemCount
InvertRect
SetUserObjectInformationW
GetWindowModuleFileNameW
DialogBoxIndirectParamAorW
DdeDisconnect
GetAncestor

mswsock

WSPStartup
EnumProtocolsA
NPLoadNameSpaces
s_perror
GetTypeByNameW
GetServiceW
WSARecvEx
SetServiceA
MigrateWinsockConfiguration
GetNameByTypeW
NSPStartup
EnumProtocolsW
GetNameByTypeA
GetAddressByNameA
StopWsdpService
GetServiceA
StartWsdpService
SetServiceW
AcceptEx
TransmitFile
GetAcceptExSockaddrs
GetTypeByNameA
GetAddressByNameW
dn_expand

kernel32

GetProcessIoCounters
OutputDebugStringA
Heap32ListNext
TransactNamedPipe
DeleteVolumeMountPointW
GetSystemDefaultLangID
RegisterConsoleOS2
AreFileApisANSI
OpenSemaphoreW
GetTickCount
GetConsoleAliasExesW
SetLastError
GetCommandLineW
SetMessageWaitingIndicator
CloseProfileUserMapping
ReplaceFile
ClearCommBreak
WaitCommEvent
SetInformationJobObject
UTUnRegister
GetVersionExA
Module32NextW
GetEnvironmentStrings
GetAtomNameA
ReadFileEx
WriteFileEx
GetVolumePathNameW
LoadLibraryA
SetConsoleTitleW
IsBadWritePtr
VirtualAlloc
GetLocaleInfoW
GetPriorityClass
GetConsoleNlsMode
LocalAlloc
GetNumaAvailableMemoryNode

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c3a3a9a46bce33c9cab43b8eeb55d68

Headers

DLL Characteristics

File Characteristics

Imports

msdart

msvfw32

user32

mswsock

kernel32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 15KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 15KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B