7eb1dc1719f0918828cc8349ee56ca5e6bbde7cada3bc67a11d7ff7f420c7871

Sharing

Copy URL

Twitter E-mail

General

Target

7eb1dc1719f0918828cc8349ee56ca5e6bbde7cada3bc67a11d7ff7f420c7871
Size

664KB
MD5

22cb7775c867ac98f7c4b1266e3534b4
SHA1

55b6a0512a9da7f7e854cb5155708e3f7fc34d7a
SHA256

7eb1dc1719f0918828cc8349ee56ca5e6bbde7cada3bc67a11d7ff7f420c7871
SHA512

ecff3ad385aecf6bf3ac1d3db27f1b139d1e42f10cde032f5d4ebb631982a6a925714c1d4853345c80c945ba34025910e406d9928d414f44a7a5e9e51aae7ca7
SSDEEP

12288:idd2uQY/YhcRH43kWgqd/3vlnyhm4b90kUr6eSAV5Lpn6L4ZV:irX+hcN9qd//s99UTtV556L4ZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7eb1dc1719f0918828cc8349ee56ca5e6bbde7cada3bc67a11d7ff7f420c7871

Files

7eb1dc1719f0918828cc8349ee56ca5e6bbde7cada3bc67a11d7ff7f420c7871
.exe windows:5 windows x86 arch:x86

330a62607dc728cb3596dbc4235ea785

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SystemTimeToTzSpecificLocalTime
InterlockedIncrement
GetConsoleAliasA
GetModuleHandleExW
ConnectNamedPipe
GetTickCount
SetFileTime
TerminateThread
GetLocaleInfoW
SetSystemTimeAdjustment
GetFileAttributesA
GetTimeFormatW
SetTimeZoneInformation
GetAtomNameW
FindResourceW
RaiseException
SetLastError
GetProcAddress
OpenWaitableTimerA
LocalAlloc
SetConsoleOutputCP
GlobalFindAtomW
SetConsoleCursorInfo
GetModuleHandleA
LoadLibraryExA
FindAtomW
FileTimeToLocalFileTime
GetCurrentProcessId
CompareStringW
CompareStringA
lstrcatA
MapViewOfFile
GetModuleHandleW
Sleep
ExitProcess
GetStartupInfoW
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
SetEnvironmentVariableA

user32

GetDesktopWindow

advapi32

RegCreateKeyW

Sections

.text
Size: 611KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.demeca
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

330a62607dc728cb3596dbc4235ea785

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 611KB - Virtual size: 610KB

.data Size: 19KB - Virtual size: 176KB

.demeca Size: 512B - Virtual size: 377B

.tls Size: 512B - Virtual size: 9B

.new Size: 16KB - Virtual size: 16KB

.rsrc Size: 7KB - Virtual size: 71KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 611KB - Virtual size: 610KB

.data
Size: 19KB - Virtual size: 176KB

.demeca
Size: 512B - Virtual size: 377B

.tls
Size: 512B - Virtual size: 9B

.new
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 7KB - Virtual size: 71KB

.reloc
Size: 8KB - Virtual size: 7KB