e7b7dcc0d9e8380d337845927e6c23a6d07660db9ebe484c71782815509ab074N

Sharing

Copy URL Twitter E-mail

General

Target

e7b7dcc0d9e8380d337845927e6c23a6d07660db9ebe484c71782815509ab074N
Size

1.0MB
MD5

4245460c58d73e7d3e92ef9cb14c6430
SHA1

803afc771672b6ded7de3dcda7772e6447191fc5
SHA256

e7b7dcc0d9e8380d337845927e6c23a6d07660db9ebe484c71782815509ab074
SHA512

afccfcfcb8286fb7e13aa745238e0aa3d5d5e65c56d4a9e0d1eb1c6d880ea535a491cb0b12b3194507e531cfe83f634f0405998ae863f8e77efa3c1c6659bdb2
SSDEEP

24576:Z6l4TsiklJIuacZSh96RK9H5AdKSDz0Ss5/biNme0C3z:B4ikL5acu6s9H5GKSDzSN2QM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7b7dcc0d9e8380d337845927e6c23a6d07660db9ebe484c71782815509ab074N

Files

e7b7dcc0d9e8380d337845927e6c23a6d07660db9ebe484c71782815509ab074N
.exe windows:4 windows x86 arch:x86

c414ae99d4fd649f4c58bea5e834328e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\buildsvn\arcadia_dt\workDir\clients2\sc\sda\Release\PGPsda.pdb

Imports

comctl32

ord17

kernel32

HeapFree
SetEndOfFile
GetLocaleInfoA
LCMapStringW
LCMapStringA
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSection
Sleep
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
RtlUnwind
ExitProcess
GetModuleHandleA
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
SetStdHandle
GetFileType
GetStdHandle
IsDBCSLeadByteEx
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
CreateSemaphoreA
WaitForSingleObject
CloseHandle
CreateThread
lstrcpyA
ReleaseSemaphore
GetProcAddress
FreeLibrary
lstrlenA
LoadLibraryA
GetVersionExA
SetHandleCount
VirtualAlloc
GetModuleFileNameA
GetACP
GetModuleFileNameW
lstrcmpiA
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetLastError
SetFilePointer
HeapAlloc
HeapReAlloc
CreateDirectoryW
CreateDirectoryA
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ReadFile
EnterCriticalSection
LeaveCriticalSection

user32

UpdateWindow
ShowWindow
CreateWindowExA
LoadStringA
MessageBoxW
MessageBoxA
LoadStringW
SetWindowPos
GetSystemMetrics
GetWindowRect
SetWindowLongW
GetFocus
GetClientRect
CallWindowProcW
SetCaretPos
DestroyCaret
CreateCaret
ShowCaret
GetNextDlgTabItem
FillRect
GetParent
KillTimer
IsDlgButtonChecked
CheckDlgButton
LoadIconA
SetFocus
GetKeyState
GetKeyboardLayout
DialogBoxParamA
EndDialog
IsWindowEnabled
SetForegroundWindow
SetTimer
GetDlgItem
MapWindowPoints
SetWindowTextA
SendDlgItemMessageA
ActivateKeyboardLayout
SendMessageA
GetDC
ReleaseDC
SetWindowLongA
SystemParametersInfoA
GetWindowTextA
GetWindowLongA
CallWindowProcA
IsWindowVisible
BeginPaint
DrawIcon
GetSysColor
EndPaint
InvalidateRect
RegisterClassA
DefWindowProcA

gdi32

DeleteDC
GetTextMetricsA
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectA
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SetBkMode
TextOutW
TranslateCharsetInfo
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectA
SelectObject
SetTextColor
SetBkColor
Rectangle
ExtTextOutA

comdlg32

GetSaveFileNameA
GetSaveFileNameW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c414ae99d4fd649f4c58bea5e834328e

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 31KB - Virtual size: 31KB