7903cf0e209b7de832b8a42420b8067b7a4b43623ba2a1ac9e9bf4f98e4eb07f

Sharing

Copy URL Twitter E-mail

General

Target

7903cf0e209b7de832b8a42420b8067b7a4b43623ba2a1ac9e9bf4f98e4eb07f
Size

1.7MB
MD5

c19e4b9ae505518db0cac983a9624640
SHA1

a71f1a650fd8c62a58d0e87fc2e08674263bd0b8
SHA256

7903cf0e209b7de832b8a42420b8067b7a4b43623ba2a1ac9e9bf4f98e4eb07f
SHA512

07a36e7cdd12acf2b4a79f6b2606a65294539719411763d9c60033fb7850e6140bc5f2c9d5b30b14db808d46addfc2ce33c434310b99d6a13b313162410b3d98
SSDEEP

49152:/xrC7ZA4LenhJeW0K0IAWWWWWWWWWWWWWWWWWWWWWWWWJWWWWWWWWWBNcIbCOazd:c1UnhJeW0mAWWWWWWWWWWWWWWWWWWWWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7903cf0e209b7de832b8a42420b8067b7a4b43623ba2a1ac9e9bf4f98e4eb07f

Files

7903cf0e209b7de832b8a42420b8067b7a4b43623ba2a1ac9e9bf4f98e4eb07f
.exe windows:5 windows x86 arch:x86

e7f78dce59d439046787927463eeff03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
FlushFileBuffers
GetLocalTime
AllocConsole
GetStdHandle
GetCommandLineW
CreateEventA
ReleaseSemaphore
SetThreadPriority
GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
GetFullPathNameW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
CreateMutexW
ReleaseMutex
SetUnhandledExceptionFilter
SetLastError
LeaveCriticalSection
EnterCriticalSection
FormatMessageW
GetCurrentThreadId
GetSystemInfo
GetVersionExW
HeapSize
HeapReAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryW
GetTickCount
Sleep
TerminateProcess
GetModuleHandleW
HeapFree
GetProcessHeap
HeapAlloc
LocalFree
GlobalFree
GlobalAlloc
GetLastError
OpenProcess
GetExitCodeProcess
WaitForSingleObject
CreateDirectoryW
GetCurrentProcessId
GetModuleFileNameW
HeapValidate
GetFileAttributesExW
ReadFile
GetFileSize
CloseHandle
WriteFile
CreateFileW
GetTempPathW
MoveFileExW
SetFilePointerEx
ReadConsoleW
SetStdHandle
DeleteFileW
GetFileAttributesW
FindClose
FindNextFileW
GetCurrentProcess
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
CreateProcessA
WriteConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
EncodePointer
DosDateTimeToFileTime
DuplicateHandle
GetFileType
GlobalUnlock
GlobalLock
InterlockedDecrement
CreateSemaphoreA
InterlockedIncrement
MulDiv
FindResourceW
SizeofResource
LoadResource
ExitProcess
LockResource
FreeResource
GetACP
VerifyVersionInfoW
VerSetConditionMask
DeviceIoControl
SetFileTime
GetFileTime
GetCurrentDirectoryW
GetProcAddress
LoadLibraryW
UnmapViewOfFile
UnlockFileEx
SetEndOfFile
FreeLibrary

user32

KillTimer
MessageBoxW
SetTimer
GetMonitorInfoW
MonitorFromWindow
WindowFromPoint
PostQuitMessage
FindWindowW
SendMessageW
GetWindowTextW
IntersectRect
CharNextW
wsprintfW
GetKeyState
LoadIconW
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
GetWindowTextLengthW
SetWindowTextW
GetSysColor
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDesktopWindow
SetRect
FillRect
DrawTextW
PostMessageW
SetWindowPos
SetWindowLongW
GetWindowLongW
SetForegroundWindow
GetForegroundWindow
GetWindowRgn
GetCursorPos
MapWindowPoints
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
IsWindow
DestroyWindow
UpdateLayeredWindow
IsZoomed
SetFocus
GetFocus
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetWindowRect
ScreenToClient
SetWindowRgn
UnionRect
IsRectEmpty
PtInRect
GetParent
GetWindow
PeekMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
ShowWindow
MsgWaitForMultipleObjects
EnableWindow
SetPropW
GetPropW
LoadCursorW
SetCursor
InflateRect
OffsetRect
IsIconic
CharPrevW

comdlg32

GetSaveFileNameW

advapi32

OpenSCManagerW
ControlService
DeleteService
OpenProcessToken
GetTokenInformation
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
CreateServiceW
StartServiceW

shell32

CommandLineToArgvW
Shell_NotifyIconW
ShellExecuteExW

ole32

CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
OleLockRunning

psapi

EnumProcesses
GetModuleFileNameExW
GetProcessImageFileNameW

shlwapi

PathFileExistsW
SHGetValueW
PathRemoveFileSpecW
SHDeleteValueW
SHSetValueW
ord219

gdiplus

GdipDeleteGraphics
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteBrush
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipCreateStringFormat
GdipCreateLineBrushI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreatePath
GdipFree
GdipAddPathLineI
GdipAddPathArcI
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipDrawImageRectRect
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipDeletePath
GdipAlloc
GdipDrawArcI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipCreateFontFamilyFromName

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

winmm

timeEndPeriod
timeKillEvent
timeSetEvent

comctl32

_TrackMouseEvent
ord17

gdi32

DeleteObject
DeleteDC
CreatePen
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
CreateDIBSection
SetWindowOrgEx
GetObjectW
CreateFontIndirectW
CreateRoundRectRgn
CreateDCW
GetDIBits
GetObjectA
GetDeviceCaps
CreateRectRgn
PtInRegion
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7f78dce59d439046787927463eeff03

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

psapi

shlwapi

gdiplus

imm32

winmm

comctl32

gdi32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 183KB - Virtual size: 183KB

.data Size: 12KB - Virtual size: 22KB

.gfids Size: 512B - Virtual size: 376B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 239KB - Virtual size: 238KB

.reloc Size: 123KB - Virtual size: 124KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 183KB - Virtual size: 183KB

.data
Size: 12KB - Virtual size: 22KB

.gfids
Size: 512B - Virtual size: 376B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 239KB - Virtual size: 238KB

.reloc
Size: 123KB - Virtual size: 124KB