c7ad961418b4405bc2555a22b1fc757b

Sharing

Copy URL Twitter E-mail

General

Target

c7ad961418b4405bc2555a22b1fc757b
Size

63KB
MD5

c7ad961418b4405bc2555a22b1fc757b
SHA1

dcf7570ebbb83de80633147e79cdd5da67324885
SHA256

b6198239ca3527ceb30e5d535f3d14039fbfccb3467fa2e50b7991dc7381f2ee
SHA512

0feb32d1ac9f96735312a4f0032190fa3558f77377ce26d14fa4ac7e2420bb55b553f6aa9b46f4df5b2ea8f12f83af5e67448d9da82504b6f6f78684f750b114
SSDEEP

1536:Mu/m+emByjkxAxLcAOhzNdwfGi9+w/FUYS1gE:M80Eyjk4jOp/wT/Z4g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ad961418b4405bc2555a22b1fc757b

Files

c7ad961418b4405bc2555a22b1fc757b
.dll windows:5 windows x86 arch:x86

a907efd001f75b3c35729be90d76cc6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
WaitForMultipleObjects
lstrlenW
CreatePipe
UnmapViewOfFile
GlobalUnlock
lstrcatA
SetEndOfFile
ReadFile
GlobalAlloc
SetFileAttributesA
CreateFileMappingA
GetCurrentProcessId
GetModuleHandleA
FindNextFileA
VirtualProtectEx
GetCurrentThread
MapViewOfFile
WaitForSingleObject
GetCurrentProcess
FindFirstFileA
VirtualQuery
GlobalLock
GetFileSize
CreateProcessA
FindClose
VirtualAlloc
VirtualUnlock
WritePrivateProfileStructA
GetProcAddress
CreateFileA
GetCurrentDirectoryA
CloseHandle
MulDiv
IsProcessorFeaturePresent
lstrcpynA
SetPriorityClass
LoadLibraryA
lstrcpyA
GetPriorityClass
SetFilePointer
VirtualQueryEx
SetThreadPriority
VirtualLock
WriteFile
DeleteFileA
WritePrivateProfileStringA
VirtualFree

user32

LoadBitmapA
DestroyCursor
SetMenuItemInfoA
GetClassInfoA
SetWindowLongA
EmptyClipboard
IsZoomed
GetCursorPos
LoadIconA
IsIconic
DestroyMenu
SetWindowPos
TrackPopupMenu
CheckMenuRadioItem
GetWindowTextA
KillTimer
GetActiveWindow
EnumClipboardFormats
GetClipboardData
InvalidateRect
IsWindowEnabled
wsprintfA
GetAsyncKeyState
LoadCursorA
CheckDlgButton
OpenClipboard
CallWindowProcA
CheckRadioButton
CloseClipboard
MoveWindow
EnableMenuItem
SetTimer
SetClipboardData
ShowWindow
CreatePopupMenu

fldrwcfg

_FExp
_Dscale
_Inf
_Tolower
_FDtest
_Snan
_Eps
_FDnorm
_LNan
_FRteps
_LExp
_Stod
_FXbig
_FCosh
_Sinh
_LDenorm
_FInf
_LDtest
_Stold
_FSnan
_Dtest
_Poly
_LSnan
_Hugeval
_Rteps
_LInf
_Denorm

gdi32

SetTextColor
DeleteObject
GetDeviceCaps

msvcrt

strchr
free
realloc
strncmp
malloc
div
toupper
strstr
gmtime

comctl32

ImageList_Remove
ImageList_ReplaceIcon

shell32

DragAcceptFiles
SHGetFileInfoA

advapi32

LookupPrivilegeValueA
RegCreateKeyExA
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken

comdlg32

GetOpenFileNameA

imagehlp

BindImageEx

Exports

Exports

CreateProcessNotify
eudchost

Sections

.text
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a907efd001f75b3c35729be90d76cc6e

Headers

File Characteristics

Imports

kernel32

user32

fldrwcfg

gdi32

msvcrt

comctl32

shell32

advapi32

comdlg32

imagehlp

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 53KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB