7f64245912edb9f6df02eff089bc12e608339777f1cb3ecb8ed5d699d9c5c3c6

Sharing

Copy URL

Twitter E-mail

General

Target

7f64245912edb9f6df02eff089bc12e608339777f1cb3ecb8ed5d699d9c5c3c6
Size

525KB
MD5

a267bbcc6f0cd0e2070888507f9e38e6
SHA1

a55a4d63a1c5633b07b14da7dc103f938ea1a9c3
SHA256

7f64245912edb9f6df02eff089bc12e608339777f1cb3ecb8ed5d699d9c5c3c6
SHA512

1ebf23a481d443fc768e5c461a367db5ac6f9a45706fe33de556d0c6e94ad2b0039661e25dd71cbbee7359c4204729b762ce8ed3a476bdb6a42249ddb1541b14
SSDEEP

12288:BAsOGbZD0m3GH7RTdOEVMW9/SCdLPwu0Nt4tYaY+WPwcw/:B1O4OHyuMI0NmK4qw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f64245912edb9f6df02eff089bc12e608339777f1cb3ecb8ed5d699d9c5c3c6

Files

7f64245912edb9f6df02eff089bc12e608339777f1cb3ecb8ed5d699d9c5c3c6
.exe windows:4 windows x86 arch:x86

65db028b7ef9f42e0812222b66a87c0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cncs32

ord4
ord69
ord150
ord70
ord159
ord16
ord46
ord47
ord58
ord77
ord6
ord78
ord42
ord64
ord24
ord158
ord81
ord23
ord43
ord120
ord3
ord2
ord33
ord179
ord178
ord30
ord146
ord167
ord176
ord140
ord151
ord104
ord147
ord36
ord89
ord165
ord90
ord141
ord136
ord109
ord163
ord166
ord92
ord94
ord93
ord91
ord52
ord168
ord138
ord56
ord162
ord108
ord19
ord50
ord76
ord68
ord32
ord181
ord180
ord206
ord57
ord35
ord148
ord73
ord83
ord55
ord29
ord137
ord118
ord119
ord117
ord86
ord98
ord61
ord125
ord60
ord132
ord131
ord34
ord80
ord54
ord48
ord133
ord129
ord75
ord143
ord177
ord115
ord149
ord169
ord116
ord66
ord185
ord106
ord171
ord107
ord173
ord172
ord112
ord113
ord114
ord88
ord96
ord160
ord111
ord95
ord161
ord71
ord101
ord18
ord65
ord12

winmm

joyGetPos
timeGetTime

kernel32

GlobalUnlock
GlobalFree
GlobalLock
GlobalSize
GetProcAddress
GlobalReAlloc
FreeLibrary
SetErrorMode
LoadLibraryA
GetVersion
GlobalAddAtomA
GlobalDeleteAtom
CreateProcessA
GetExitCodeProcess
LocalFree
GetPrivateProfileIntA
GlobalAlloc
lstrcpy
lstrcmp
lstrcat
lstrlen
GetModuleFileNameA
_hread
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetTickCount
_llseek
_lread
_lcreat
_lopen
_lclose
LocalAlloc
GetTempPathA
GetTempFileNameA
_lwrite
lstrcpyA
lstrlenA
SetHandleCount
GetEnvironmentStringsW
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeEnvironmentStringsW
RtlUnwind
VirtualAlloc
UnhandledExceptionFilter
HeapCreate
HeapDestroy
VirtualFree
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetOEMCP
GetACP
ExitProcess
GetCommandLineA
GetStartupInfoA
GetCPInfo
HeapFree
HeapAlloc
GetModuleHandleA
SetCurrentDirectoryA
GetCurrentDirectoryA
HeapReAlloc
DeleteFileA
GetLastError
SetEnvironmentVariableA
WriteFile
GetStringTypeA
GetStdHandle
GetStringTypeW

user32

RegisterClassA
RegisterClassExA
LoadImageA
PostQuitMessage
LoadIconA
GetClassNameA
GetTopWindow
SetCapture
GetCursorPos
SetCursorPos
ReleaseCapture
ShowCursor
GetFocus
GetPropA
SetPropA
CallWindowProcA
RemovePropA
GetSystemMetrics
IntersectRect
RedrawWindow
GetDesktopWindow
GetUpdateRect
CheckRadioButton
GetActiveWindow
IsWindowVisible
GetWindowRect
IsZoomed
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
UpdateWindow
LoadMenuIndirectA
LoadMenuA
GetSubMenu
InvalidateRect
ShowWindow
DestroyMenu
GetMenu
wsprintfA
SetWindowTextA
GetMenuItemCount
GetMenuState
DeleteMenu
IsDlgButtonChecked
IsIconic
FillRect
SetMenu
PostMessageA
CheckMenuItem
EnableMenuItem
GetWindow
GetKeyState
SendMessageA
BeginPaint
SetForegroundWindow
WinHelpA
PtInRect
EndPaint
ClientToScreen
ReleaseDC
GetDC
ScreenToClient
SetTimer
GetDlgItem
MapVirtualKeyA
SendDlgItemMessageA
SetDlgItemTextA
KillTimer
LoadStringA
GetDlgItemTextA
EndDialog
OffsetRect
MessageBoxA
CopyRect
SetFocus
GetInputState
PeekMessageA
EnumThreadWindows
GetDlgCtrlID
GetAsyncKeyState

gdi32

GetStockObject
DeleteObject
CreateSolidBrush
CreatePalette
SelectObject
LineTo
MoveToEx
Rectangle
CreateHatchBrush
CreatePen
StretchDIBits
SelectPalette
RealizePalette
CreateFontIndirectA
GetObjectA
GetTextExtentPointA
GetSystemPaletteEntries
GetDeviceCaps

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT_1
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 915B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65db028b7ef9f42e0812222b66a87c0f

Headers

File Characteristics

Imports

cncs32

winmm

kernel32

user32

gdi32

advapi32

Sections

.text Size: 91KB - Virtual size: 91KB

TEXT_1 Size: 42KB - Virtual size: 41KB

.rdata Size: 1024B - Virtual size: 915B

.data Size: 13KB - Virtual size: 18KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 56KB - Virtual size: 55KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 91KB - Virtual size: 91KB

TEXT_1
Size: 42KB - Virtual size: 41KB

.rdata
Size: 1024B - Virtual size: 915B

.data
Size: 13KB - Virtual size: 18KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 56KB - Virtual size: 55KB

.reloc
Size: 13KB - Virtual size: 13KB