7d9d40727eac4b8d83dedddbfd4a11977805d05c6e698cc05af9a4a2ab38b6f9

Sharing

Copy URL

Twitter E-mail

General

Target

7d9d40727eac4b8d83dedddbfd4a11977805d05c6e698cc05af9a4a2ab38b6f9
Size

2.3MB
MD5

dc958b63007cf0834f72176b70cfde59
SHA1

6c03adc88090958adfcecb4aa199796e0d49e498
SHA256

7d9d40727eac4b8d83dedddbfd4a11977805d05c6e698cc05af9a4a2ab38b6f9
SHA512

7b0e53bce9ff766d67c73601246fdce1760e11273d05cf76f4443c05c17cf7617fa59dc27b93a3ced47991bc5294e3411cedb406722d4f85d811b808631e0043
SSDEEP

49152:0Gg8HZ8n9cwUBRI8CCSXMXkHilomRU33QyWs0bNRI5SIfo7YDS1BMBd:FtHZ8n97GmqUHiXUw9NaZfo7Y27Mf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d9d40727eac4b8d83dedddbfd4a11977805d05c6e698cc05af9a4a2ab38b6f9

Files

7d9d40727eac4b8d83dedddbfd4a11977805d05c6e698cc05af9a4a2ab38b6f9
.exe windows:4 windows x86 arch:x86

3f95dbc9a241b1555fd52c7ea1d915e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
DeleteFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
GetStdHandle
GetTimeZoneInformation
RtlUnwind
RaiseException
CloseHandle
GetFileType
GetLastError
CreateFileA
WriteFile
ReadFile
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
InterlockedIncrement
SetStdHandle
SetEndOfFile
SetFilePointer
SetHandleCount
LCMapStringA
MultiByteToWideChar
GetSystemTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
CompareStringW
SetEnvironmentVariableA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CompareStringA

user32

MessageBoxA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f95dbc9a241b1555fd52c7ea1d915e7

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 72KB - Virtual size: 72KB