c7f0c64a91a0a23a80515dca7062565b

Sharing

Copy URL Twitter E-mail

General

Target

c7f0c64a91a0a23a80515dca7062565b
Size

247KB
MD5

c7f0c64a91a0a23a80515dca7062565b
SHA1

d5adba6bc18d843bf54e30805f9e9f285fe04544
SHA256

6a5f47744a9883df8149fef307f5c93635940dee6c0de93d5c8f3dfd4558fa3c
SHA512

ee5e614c67c3703f7d78710850e3742b07a8b27a5c23fcadb40e5b1312a760cebac0c0e1e419184b1197bf045b5eecf96db927bc2e5189a6abd4cc12bbdf8ed0
SSDEEP

3072:/0VC2gLy9ML+WhzIU4tNe157PwqLqn3Wi8mUUt+COaLH1DsG0SKW3WVJA7cw3/7m:JjErtNe/ss+GPmd+Na/Yy9v74R3bB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f0c64a91a0a23a80515dca7062565b

Files

c7f0c64a91a0a23a80515dca7062565b
.exe windows:4 windows x86 arch:x86

1fcd465dcde3a4b23d671101cf8d583f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
EnumWindows
PostMessageW
GetDesktopWindow
GetWindowThreadProcessId

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

oleaut32

VariantInit
SysStringLen
VarBstrCat
VariantClear
SysAllocStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString

psapi

GetModuleBaseNameW

ole32

StringFromGUID2
CoCreateInstance

kernel32

GetCurrentThreadId
HeapSize
FindResourceExW
WaitForSingleObject
CreateProcessW
LeaveCriticalSection
GetSystemTime
FileTimeToSystemTime
CreateIoCompletionPort
UnhandledExceptionFilter
FindResourceW
GlobalFree
IsDebuggerPresent
lstrlenA
HeapDestroy
WaitForMultipleObjects
LocalAlloc
WideCharToMultiByte
FormatMessageW
HeapFree
SetUnhandledExceptionFilter
EnterCriticalSection
RaiseException
SizeofResource
SystemTimeToFileTime
LoadLibraryExW
CloseHandle
GetQueuedCompletionStatus
WTSGetActiveConsoleSessionId
FreeLibrary
HeapReAlloc
GetComputerNameExW
CompareFileTime
LocalFree
LockResource
ExpandEnvironmentStringsW
HeapAlloc
GetSystemTimeAsFileTime
OpenProcess
lstrlenW
PostQueuedCompletionStatus
GetProcessHeap
DeleteCriticalSection
CreateFileW
LoadResource
VirtualAllocEx

esent

JetFreeBuffer
JetIntersectIndexes
JetDelete
JetEscrowUpdate
JetGrowDatabase
JetGetLogInfoInstance
JetGetInstanceInfo
JetGetCursorInfo
JetAttachDatabaseWithStreaming
JetSnapshotStart
JetGetLogInfoInstance2
JetMove

qedit

DllCanUnloadNow
DllRegisterServer

Sections

.XmgFYrO
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uMxUx
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BBAMT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xJLvY
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CouTKB
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OSQZEz
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WAkML
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tXAQwW
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tNBKN
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FJjdss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fcd465dcde3a4b23d671101cf8d583f

Headers

DLL Characteristics

File Characteristics

Imports

user32

rpcrt4

oleaut32

psapi

ole32

kernel32

esent

qedit

Sections

.XmgFYrO Size: 2KB - Virtual size: 37KB

.text Size: 18KB - Virtual size: 18KB

.uMxUx Size: 1KB - Virtual size: 1KB

.BBAMT Size: 2KB - Virtual size: 2KB

.xJLvY Size: 1024B - Virtual size: 826B

.CouTKB Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 237KB

.OSQZEz Size: 2KB - Virtual size: 1KB

.rdata Size: 208KB - Virtual size: 207KB

.WAkML Size: 2KB - Virtual size: 2KB

.tXAQwW Size: 2KB - Virtual size: 2KB

.tNBKN Size: 1024B - Virtual size: 514B

.rsrc Size: 1KB - Virtual size: 1KB

.FJjdss Size: 1KB - Virtual size: 1KB

.XmgFYrO
Size: 2KB - Virtual size: 37KB

.text
Size: 18KB - Virtual size: 18KB

.uMxUx
Size: 1KB - Virtual size: 1KB

.BBAMT
Size: 2KB - Virtual size: 2KB

.xJLvY
Size: 1024B - Virtual size: 826B

.CouTKB
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 237KB

.OSQZEz
Size: 2KB - Virtual size: 1KB

.rdata
Size: 208KB - Virtual size: 207KB

.WAkML
Size: 2KB - Virtual size: 2KB

.tXAQwW
Size: 2KB - Virtual size: 2KB

.tNBKN
Size: 1024B - Virtual size: 514B

.rsrc
Size: 1KB - Virtual size: 1KB

.FJjdss
Size: 1KB - Virtual size: 1KB