Static task: static1
Behavioral task: behavioral1
Sample: 7378d600b4a38ba74320731b72148120N.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 7378d600b4a38ba74320731b72148120N.exe
Resource: win10v2004-20240802-en
General
Target: 7378d600b4a38ba74320731b72148120N.exe
Size: 5.2MB
MD5: 7378d600b4a38ba74320731b72148120
SHA1: ff1c0f4231c0b60ab9f050e056683c76976f2525
SHA256: 8cc6a70aa7e17ff254b5edecbeb64708c25a7e919ea9859bd03d7ec3700b83f2
SHA512: a87b6132e0537bfa3b379125383c72288bfe7e39eb3a523c6e849588d14419d42d7e25a1976869458281f87c53ed632a42e44e7d18131c23ca02730ef38b0b89
SSDEEP: 98304:LkvQrgdsRDWEBBki2BrZtbr/vYNNuDp4dVQ0JUP98AGUh+oWE8ygCoqv2yp1AHwU:LkvQrgdsRDWEBBki2BrZtbr/vONuFctS
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 7378d600b4a38ba74320731b72148120N.exe
Files
7378d600b4a38ba74320731b72148120N.exe.exe windows:4 windows x86 arch:x86
19ce098d354694007f6f5efa042c6952
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetIMEFileNameA
ImmGetDefaultIMEWnd
ImmGetCompositionStringA
ImmGetCompositionWindow
ImmGetDescriptionA
ImmGetContext
ImmGetOpenStatus
ImmSetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmSetCompositionWindow
dsound
ord1
ord2
opengl32
glColor4f
glDisable
glEnd
glVertex2f
glTexCoord2f
glColor4ub
glBegin
glColor3f
glTexImage2D
glBindTexture
glFlush
glClear
glPopMatrix
glAlphaFunc
glDepthFunc
glTranslatef
glRotatef
glLoadIdentity
glPushMatrix
glMatrixMode
glVertex3f
glNormal3f
glVertex3fv
glColor3fv
glDeleteTextures
glTexParameteri
glGenTextures
glTexEnvf
glDepthMask
glPolygonMode
glFrontFace
glStencilFunc
glColorMask
glStencilOp
glScalef
glGetFloatv
glReadPixels
glBlendFunc
glViewport
glFogfv
glFogf
glFogi
wglDeleteContext
wglMakeCurrent
glGetString
wglCreateContext
glClearColor
glTexEnvi
glGetIntegerv
glColor3ub
glEnable
glu32
gluPerspective
gluOrtho2D
winmm
timeSetEvent
timeGetTime
mmioClose
mmioAscend
mmioRead
mmioDescend
mmioOpenA
mmioWrite
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeKillEvent
kernel32
TlsAlloc
GetSystemTimeAsFileTime
ExitThread
TlsGetValue
TlsSetValue
CreateThread
HeapAlloc
GetVersion
GetStartupInfoA
TlsFree
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetTickCount
IsBadReadPtr
lstrlenA
GlobalUnlock
GlobalLock
OutputDebugStringA
GetCurrentThreadId
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
MoveFileA
GetFileAttributesA
CreateFileA
GetCommandLineA
CloseHandle
ReadFile
GetFileSize
GetLastError
GetPrivateProfileStringA
GetCurrentDirectoryA
DeleteFileA
CopyFileA
SetFileAttributesA
TerminateProcess
OpenProcess
WinExec
FindClose
FindFirstFileA
GetLocalTime
GetModuleFileNameA
SetFilePointer
WriteFile
GetEnvironmentVariableA
lstrcmpiA
GetVersionExA
QueryPerformanceCounter
SetProcessAffinityMask
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
GetThreadPriority
GetPriorityClass
GetCurrentThread
GetCurrentProcess
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
ExitProcess
SetConsoleMode
GetStdHandle
AllocConsole
FreeConsole
SetConsoleTitleA
GetConsoleTitleA
SetLastError
SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
ReadConsoleOutputA
GetCurrentProcessId
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
GetSystemTime
GetTimeZoneInformation
WideCharToMultiByte
HeapFree
RaiseException
InterlockedIncrement
InterlockedDecrement
RtlUnwind
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
FindNextFileA
RemoveDirectoryA
GetThreadContext
lstrcpynA
Module32First
Module32Next
SetUnhandledExceptionFilter
WaitForSingleObject
CreateDirectoryA
ResetEvent
GetExitCodeProcess
WaitForMultipleObjects
CreateProcessA
CreateEventA
OpenEventA
ResumeThread
OpenMutexA
MoveFileExA
lstrcatA
TerminateThread
ReleaseMutex
GetComputerNameA
lstrcmpA
GetModuleFileNameW
VirtualProtect
OpenFileMappingA
VirtualQuery
LoadLibraryExA
GetTempFileNameA
GetTempPathA
GetProcessHeap
GetFileInformationByHandle
DuplicateHandle
CreatePipe
PeekNamedPipe
lstrcpyA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
SetConsoleCtrlHandler
GetLocaleInfoW
SetEvent
CreateMutexA
GetSystemDirectoryA
user32
GetDC
SetWindowPos
SetWindowTextA
GetWindowTextA
GetCaretPos
GetWindowLongA
GetAsyncKeyState
SendMessageA
CallWindowProcA
OpenClipboard
SetFocus
CloseClipboard
SetWindowLongA
DestroyWindow
SetRect
GetActiveWindow
GetCursorPos
ScreenToClient
GetDoubleClickTime
PtInRect
OffsetRect
MessageBoxA
PostMessageA
GetFocus
IsWindowVisible
GetScrollPos
SetScrollPos
ShowWindow
wsprintfA
GetDesktopWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetWindowRect
RegisterHotKey
UnregisterHotKey
SetCursorPos
FindWindowA
ShowCursor
ChangeDisplaySettingsA
ReleaseDC
SystemParametersInfoA
ReleaseCapture
SetCapture
DefWindowProcA
PostQuitMessage
EndPaint
BeginPaint
RegisterClassA
LoadCursorA
LoadIconA
SetForegroundWindow
GetSystemMetrics
AdjustWindowRect
IsIconic
SetTimer
CreateWindowExA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
UpdateWindow
EnumDisplaySettingsA
KillTimer
GetKeyboardLayoutNameA
GetKeyboardLayout
wvsprintfA
EnumChildWindows
RemoveMenu
DrawMenuBar
GetSystemMenu
GetClassNameA
GetWindowThreadProcessId
GetClipboardData
IntersectRect
gdi32
GetStockObject
SetPixelFormat
ChoosePixelFormat
SetTextColor
SwapBuffers
GetTextExtentPoint32A
CreateFontA
DeleteObject
GetTextExtentPointA
SelectObject
TextOutA
DeleteDC
SetBkColor
CreateDIBSection
CreateCompatibleDC
advapi32
InitializeSecurityDescriptor
CryptGetHashParam
CryptDeriveKey
CryptDecrypt
CryptCreateHash
CryptHashData
CryptVerifySignatureA
CryptDestroyHash
RegEnumValueA
RegDeleteValueA
GetUserNameA
CryptAcquireContextA
SetSecurityDescriptorDacl
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
CryptReleaseContext
RegSetValueExA
RegCloseKey
shell32
ShellExecuteA
ole32
CoUninitialize
CoInitialize
CoCreateInstance
ws2_32
sendto
WSAGetLastError
htons
send
WSACleanup
WSAStartup
closesocket
recv
shutdown
socket
setsockopt
WSAAsyncSelect
connect
gethostbyname
WSASend
inet_addr
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
wzaudio
wzAudioGetStreamOffsetRange
wzAudioStop
wzAudioOption
wzAudioCreate
wzAudioDestroy
wzAudioPlay
urlmon
URLDownloadToFileA
wininet
InternetReadFile
FtpOpenFileA
HttpSendRequestA
HttpQueryInfoA
FtpFindFirstFileA
InternetOpenA
HttpOpenRequestA
InternetQueryDataAvailable
InternetConnectA
InternetCloseHandle
Sections
.text Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 204KB - Virtual size: 136.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ