7d280a03897599a07bfa2e4890719dd126bcd3d6cdaa8fa6c5414e24b40b3cb0

Sharing

Copy URL

Twitter E-mail

General

Target

7d280a03897599a07bfa2e4890719dd126bcd3d6cdaa8fa6c5414e24b40b3cb0
Size

5.9MB
MD5

adb398d7a0bc8f4fd3b2db5f81a50cb3
SHA1

50f60e81818bf58e4f8fd1e175a1528c242e15c5
SHA256

7d280a03897599a07bfa2e4890719dd126bcd3d6cdaa8fa6c5414e24b40b3cb0
SHA512

027e2ae9de2dfd0d45296ebc714d2ba903798d110e1676e102cb541dcc68fc2e68eaa93fa0e7adadf9c8c1e19e6f26cf3684e8c502985959bf3b8d6847c7522f
SSDEEP

6144:HZ4thSUHz9HRg1c96R7b3/dyTl8W2p7/j1qBl9scLGUNhN:Hsh3Hz9HeTZzdwl8W2ZR6aU3N

Score

1^/10

Malware Config

Signatures

Files

7d280a03897599a07bfa2e4890719dd126bcd3d6cdaa8fa6c5414e24b40b3cb0
.exe windows:5 windows x86 arch:x86

920aca8fdc4985e3316b3693228113b0

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

Issuer

CN=IOCRSIHZPSQUIZFOZQ

Not Before

09-09-2020 13:46

Not After

31-12-2039 23:59

Subject

CN=IOCRSIHZPSQUIZFOZQ

Extended Key Usages

ExtKeyUsageCodeSigning

38:f9:67:e9:f5:fb:8c:ca:b4:d2:d3:79:24:62:fe:0d:89:98:a3:79
Signer

Actual PE Digest

38:f9:67:e9:f5:fb:8c:ca:b4:d2:d3:79:24:62:fe:0d:89:98:a3:79

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
Sleep
VirtualAllocEx
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetEvent
InitializeCriticalSection
SizeofResource
MultiByteToWideChar
lstrlenW
RaiseException
GetLastError
LoadLibraryExW
lstrcmpiW
DeleteCriticalSection
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
GetCommandLineW
CloseHandle
GetModuleFileNameW
OutputDebugStringW
CreateEventW
CreateProcessW
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteVolumeMountPointW
GetCommTimeouts
GetTapePosition
EnumCalendarInfoA
GetCommModemStatus
GetComputerNameExA
CommConfigDialogA
SetNamedPipeHandleState
LocalSize
GetWriteWatch
GetCPInfoExA
FindVolumeClose
PrepareTape
SetCurrentDirectoryW
DeviceIoControl
SleepEx
FindNextChangeNotification
ReadConsoleA
UnlockFile
BackupSeek
FreeUserPhysicalPages
ExitProcess
GetTempFileNameW
SetThreadPriorityBoost
CancelDeviceWakeupRequest
VirtualProtectEx
GlobalFindAtomW
GetProcessHeap
RtlUnwind
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapFree
SetErrorMode
lstrlenA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrcpyW
SystemTimeToFileTime
PulseEvent
OpenProcess
OpenEventW
LoadLibraryW
GetSystemTime
GetFileTime
FindFirstFileW
FindClose
FileTimeToSystemTime
CreateFileW

user32

LoadCursorA
DispatchMessageW
PostThreadMessageW
CharUpperW
TranslateMessage
CharNextW
UnregisterClassA
GetMessageW
SetDlgItemTextW
DdeGetLastError
GetKeyNameTextW
SwitchDesktop
OpenDesktopA
EnumChildWindows
InternalGetWindowText
SetWinEventHook
CharPrevW
SwapMouseButton
IMPGetIMEW
GetClassInfoExW
GetMessagePos
CharLowerBuffA
RegisterClassExA
DestroyIcon
SetCapture
IsClipboardFormatAvailable
GetDlgCtrlID
GetClassNameW
GetClipboardData
InvertRect
MonitorFromPoint
GetClassInfoA
EnumWindowStationsW
EnumDesktopsA
AppendMenuA
OffsetRect

gdi32

GetStockObject
GetEnhMetaFileBits
ResetDCW
TextOutA
CombineTransform
UnrealizeObject
ResizePalette
GdiStartDocEMF
GdiPlayJournal
GdiSetServerAttr
PolyPatBlt
GetKerningPairsA
NamedEscape
DeleteDC
GetDeviceCaps
ScaleWindowExtEx
DeleteObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
CreateBitmap
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW
GetObjectW

advapi32

RegOpenKeyA
RegQueryValueExA
GetUserNameA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW

shell32

ExtractIconA
ExtractAssociatedIconW
SHEmptyRecycleBinW
FindExecutableW
DragQueryFileAorW
FindExecutableA
DoEnvironmentSubstW
SHLoadInProc
SHGetFileInfo
ShellAboutW
SHGetDataFromIDListA
SHFreeNameMappings
SHGetInstanceExplorer
SHGetDiskFreeSpaceExA
SHGetDataFromIDListW
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderPathW
Shell_NotifyIconW

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoInitialize
StringFromGUID2
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

shlwapi

StrCmpNIW
StrStrW
StrRChrW
StrStrIW
StrChrA
StrCmpNIA

comctl32

InitCommonControlsEx

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

920aca8fdc4985e3316b3693228113b0

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6Certificate

Extended Key Usages

38:f9:67:e9:f5:fb:8c:ca:b4:d2:d3:79:24:62:fe:0d:89:98:a3:79Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 512B - Virtual size: 306B

.data Size: 5.6MB - Virtual size: 5.6MB

.rsrc Size: 165KB - Virtual size: 164KB

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

38:f9:67:e9:f5:fb:8c:ca:b4:d2:d3:79:24:62:fe:0d:89:98:a3:79
Signer

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 512B - Virtual size: 306B

.data
Size: 5.6MB - Virtual size: 5.6MB

.rsrc
Size: 165KB - Virtual size: 164KB