7610594981fe0f66543dc211f740d84449e2982d67d2657ba045732a89ee4101

Sharing

Copy URL Twitter E-mail

General

Target

7610594981fe0f66543dc211f740d84449e2982d67d2657ba045732a89ee4101
Size

500KB
MD5

38ed8dfa5a7ed8290295835984c7dc4d
SHA1

d5418050fbb344005cf1ff23e3d765c23b3e244a
SHA256

7610594981fe0f66543dc211f740d84449e2982d67d2657ba045732a89ee4101
SHA512

46a2ae6fedf310a5e7ca18ef0d604dcbcae2f5b9e9037ee56438c4502aa136b8d2289c82cfa0fbd1299413ea9d805348dae5845e1ec3e22187ea7b5d203d6d08
SSDEEP

12288:3sGGQchJN0UcV8Zfawc1Qz17vjAKXuDPKN6:3sGV2P0VV87cc17vjA7PK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7610594981fe0f66543dc211f740d84449e2982d67d2657ba045732a89ee4101

Files

7610594981fe0f66543dc211f740d84449e2982d67d2657ba045732a89ee4101
.exe windows:4 windows x86 arch:x86

7dac5212c7bebdb78b98011d98f065b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
lstrcmpiA
ReleaseMutex
WritePrivateProfileStructA
GetPrivateProfileStructA
WritePrivateProfileStringA
GetModuleFileNameA
GetCurrentThreadId
GetLocalTime
GetPrivateProfileStringA
GetPrivateProfileIntA
FindClose
GetUserDefaultLCID
QueryPerformanceFrequency
CreateFileA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateMutexA
GetLastError
FindNextFileA
GetEnvironmentVariableA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
WriteFile
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
ReadFile
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CloseHandle
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
HeapFree
HeapAlloc
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection
GetTempPathA
GetProcAddress
LoadLibraryA
FreeLibrary
CreateDirectoryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
OutputDebugStringA
Sleep
SetThreadPriority
WaitForSingleObject
DeleteFileA
CreateThread
SetEvent
ResetEvent
FindFirstFileA
CreateEventA

user32

LoadStringA
EndDialog
LoadIconA
CreateDialogParamA
SendDlgItemMessageA
DestroyWindow
wsprintfA
DestroyMenu
GetWindowRect
IsDlgButtonChecked
SendMessageA
GetDlgItem
InsertMenuA
SetWindowPlacement
RedrawWindow
GetAsyncKeyState
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
SetDlgItemTextA
DialogBoxParamA
GetWindowPlacement
EnableMenuItem
GetSubMenu
LoadMenuA
EnableWindow
GetSystemMetrics
GetClientRect
CheckDlgButton
SetWindowPos
PostMessageA
ShowWindow
TrackPopupMenu
ScreenToClient
GetDlgItemTextA
DefWindowProcA
SetTimer
KillTimer
GetParent
SetWindowLongA
GetWindowLongA
GetWindowTextA
IsDialogMessageA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DeleteMenu
InvalidateRect
CheckRadioButton
InvertRect
FillRect
GetScrollInfo
SetScrollInfo
SetWindowTextA
CheckMenuItem
GetMenuStringA
ModifyMenuA
LoadCursorA
RegisterClassExA
IsWindowVisible
SetForegroundWindow
SetCursor
GetDlgItemInt
BeginPaint
EndPaint
GetMenuItemCount
GetMenuItemID
DrawMenuBar
PostQuitMessage
SetMenu
ClientToScreen
GetCursorPos
CreateWindowExA
ReleaseDC
SetDlgItemInt
MoveWindow
GetDC
SetRect
MessageBoxA
IsWindow
FindWindowA

gdi32

StretchDIBits
SetBkMode
SelectObject
ExtTextOutA
SetBkColor
CreatePalette
GetSystemPaletteEntries
DeleteObject
RealizePalette
SelectPalette
AnimatePalette
CreateFontIndirectA
GetStockObject
TextOutA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA

shell32

SHBrowseForFolderA
DragFinish
SHGetPathFromIDListA
SHGetMalloc
DragQueryFileA
DragAcceptFiles
ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

comctl32

ord6
ImageList_LoadImageA
ImageList_Destroy
ord17

imm32

ImmAssociateContext

shlwapi

PathFindExtensionA
StrCmpNIA

wsock32

WSAAsyncSelect
accept
recv
send
socket
htonl
htons
bind
closesocket
connect
listen
ioctlsocket
setsockopt
inet_ntoa
WSAGetLastError
WSAStartup
WSACleanup

Sections

.text
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 790KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dac5212c7bebdb78b98011d98f065b6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

comctl32

imm32

shlwapi

wsock32

Sections

.text Size: 412KB - Virtual size: 410KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 52KB - Virtual size: 790KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 412KB - Virtual size: 410KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 52KB - Virtual size: 790KB

.rsrc
Size: 4KB - Virtual size: 3KB