7bb043f6deb7c8b176a83949043693ad8947846291ae6fc6a241e9595f461c38

Sharing

Copy URL

Twitter E-mail

General

Target

7bb043f6deb7c8b176a83949043693ad8947846291ae6fc6a241e9595f461c38
Size

1.3MB
MD5

4560506b90df2b630c213338d87987fa
SHA1

e2d5df7cac043138a4dd179939d8fdc35b691a03
SHA256

7bb043f6deb7c8b176a83949043693ad8947846291ae6fc6a241e9595f461c38
SHA512

db54332caafafb66b2dd9e2a5a9f9a56beda24631ff2f92d997a344b3fad72539788bd3b48727853a3e3b3b4560ae38446a2655bba8ceae6ce905f44ab4f55bc
SSDEEP

24576:GVja/P33jVBoe7/SM4hg1aea2grzBMXXuC1:GVja/JBhSMz1bmqH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bb043f6deb7c8b176a83949043693ad8947846291ae6fc6a241e9595f461c38

Files

7bb043f6deb7c8b176a83949043693ad8947846291ae6fc6a241e9595f461c38
.exe windows:4 windows x86 arch:x86

8babb062ef768cebb24e3fa4ef76afcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
ReadFile
CreateFileA
GetFileSize
GetLastError
WriteFile
MoveFileA
DeleteFileA
FlushFileBuffers
FindClose
FindNextFileA
GetProcessHeap
HeapFree
FindFirstFileA
VirtualAlloc
VirtualFree
GlobalMemoryStatus
TerminateThread
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
CreateThread
ResumeThread
SuspendThread
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
GetVolumeInformationA
GetCommandLineA
Sleep
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
GetVersionExA
GetSystemInfo
CreateEventA
WaitForSingleObject
ResetEvent
CloseHandle
DeleteCriticalSection
DuplicateHandle
GetCurrentThread
HeapAlloc
CompareStringW
SetStdHandle
CompareStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEvent
UnhandledExceptionFilter
RtlUnwind
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
SetConsoleCtrlHandler
RaiseException
SetEndOfFile
GetStartupInfoA
GetModuleHandleA
HeapCreate
HeapDestroy
LoadLibraryA
SetEnvironmentVariableA
GetVersion
GetEnvironmentVariableA
GetOEMCP
GetACP
HeapReAlloc
GetModuleFileNameA
TerminateProcess
GetCPInfo
ExitProcess
GetProcAddress
WideCharToMultiByte

user32

ShowWindow
SetCursor
PostQuitMessage
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadCursorA
LoadIconA
UpdateWindow
PostMessageA
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageA
DefMDIChildProcA
SetScrollPos
GetWindowRect
SetWindowWord
SetWindowPos
GetDC
ReleaseDC
SetScrollInfo
ShowScrollBar
EndPaint
DefWindowProcA
MessageBoxA
BeginPaint
GetWindowWord

gdi32

GetStockObject
SelectObject
TextOutA
GetTextMetricsA

winmm

timeKillEvent
timeGetTime
timeBeginPeriod
timeSetEvent
timeEndPeriod

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ole32

StringFromGUID2

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA
DirectDrawCreate

dinput

DirectInputCreateA

dsound

ord1
ord2

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8babb062ef768cebb24e3fa4ef76afcc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

advapi32

ole32

ddraw

dinput

dsound

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 112KB - Virtual size: 1.1MB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 68KB - Virtual size: 64KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 112KB - Virtual size: 1.1MB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 68KB - Virtual size: 64KB