7b2a3a2bf10926418447cf0e3e75814a429523de1abc4121ee67afec56e97787N

Sharing

Copy URL

Twitter E-mail

General

Target

7b2a3a2bf10926418447cf0e3e75814a429523de1abc4121ee67afec56e97787N
Size

101KB
MD5

7eca92369048580be425b093a4992b00
SHA1

9d5f190132dd51a1cfdf7dfeeea7ec730e13dec2
SHA256

7b2a3a2bf10926418447cf0e3e75814a429523de1abc4121ee67afec56e97787
SHA512

9de73e49926a3c907e23c32cd3ae5ae2d7289faf7325c1725f29b14791766d3342afc4743b1f7aa1da9fb6743170a20b7c29d580ea3859b173fcd567fd4dd2bd
SSDEEP

1536:KoDCqQ72susTZUM8Zx1eBumQkAJSo/4X+dMSWG+MaC0GsHmH3unn:KoNS3UMyQA4o/w+qiaCFsHmXunn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7b2a3a2bf10926418447cf0e3e75814a429523de1abc4121ee67afec56e97787N

Files

7b2a3a2bf10926418447cf0e3e75814a429523de1abc4121ee67afec56e97787N
.exe windows:5 windows x86 arch:x86

45c7073990df4cb57fd28d261834a7ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
LocalReAlloc
GetACP
LoadLibraryW
GetSystemDefaultLangID
CreateFileW
IsBadReadPtr
FileTimeToLocalFileTime
InitializeCriticalSection
lstrcpyW
GlobalLock
LocalFree
CloseHandle
DeleteCriticalSection
FormatMessageW
GetDateFormatW
lstrlenW
InterlockedDecrement
SetUnhandledExceptionFilter
QueryPerformanceCounter
GlobalUnlock
GlobalAlloc
RemoveDirectoryA
GetLastError
FileTimeToSystemTime
OutputDebugStringW
OutputDebugStringA
GetSystemTimeAsFileTime
GlobalFree
GetSystemWindowsDirectoryW
GetModuleFileNameW
GetStartupInfoA
GetEnvironmentStringsW
GetModuleHandleA
GetTickCount
lstrcmpiW
GetCurrentProcess
GetComputerNameW
InterlockedIncrement
SetLastError

msvcrt

wcscpy
_wcsupr
wcschr
__RTDynamicCast
wcsstr
??1type_info@@UAE@XZ
??3@YAXPAX@Z
mbstowcs
wcscat
memmove
_wcsicmp
_onexit
wcscmp
free
_initterm
_adjust_fdiv
?terminate@@YAXXZ
malloc
wcsrchr
_except_handler3
vswprintf
wcstoul
wcslen
__dllonexit
_purecall
??2@YAPAXI@Z

user32

SetDlgItemTextW
EnableWindow
GetWindowLongW
GetDlgItem
DialogBoxParamW
LoadBitmapW
SetWindowLongW
SetWindowTextW
EndDialog
LoadCursorW
WinHelpW
LoadIconW
GetDC
SendMessageW
ReleaseDC
InsertMenuItemW
LoadStringW
SystemParametersInfoW
MessageBoxW
SetFocus
LoadImageW
GetDlgItemTextA
RegisterClipboardFormatW
SetCursor
GetParent
wsprintfW
PostMessageW
SendDlgItemMessageW

certcli

CAEnumCertTypes
CAAddCACertificateType
CAGetCertTypeFlags
CASetCertTypeProperty
CAGetCAProperty
CASetCertTypeFlags
CAGetCertTypeProperty
CAUpdateCA
CACloseCA
CAFindCertTypeByName
CASetCertTypeKeySpec
CAGetCertTypeExtensions
CAFreeCertTypeExtensions
CAFindByName
CAGetCertTypeKeySpec
CAEnumNextCertType
CACertTypeGetSecurity
CAGetCertTypePropertyEx
CARemoveCACertificateType
CAEnumCertTypesForCA
CASetCertTypeExtension
CACreateCertType
CACertTypeSetSecurity
CACloseCertType
CAFreeCAProperty
CAUpdateCertType
CAFreeCertTypeProperty

advapi32

RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45c7073990df4cb57fd28d261834a7ad

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

certcli

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 72KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 72KB

.rsrc
Size: 23KB - Virtual size: 23KB