7ba1f4372bddf9b1e280c40b43455e5ed94e62f4952b0eeb0e870650f6209b87

Sharing

Copy URL

Twitter E-mail

General

Target

7ba1f4372bddf9b1e280c40b43455e5ed94e62f4952b0eeb0e870650f6209b87
Size

624KB
MD5

9276c887c1daf8b165631d993ffdbbcc
SHA1

5d8e201720a508b21b0a182d9fc2d3fb8fe67a68
SHA256

7ba1f4372bddf9b1e280c40b43455e5ed94e62f4952b0eeb0e870650f6209b87
SHA512

83d5f081d32bd0dcefeffb24d46f55d2a67a8c00693f21c5403e216022f58230c3ada62338be466229a0350a3c4c7f5d6f28537b53be9857551f50d189a1f560
SSDEEP

6144:dHJ5vy3kkDQg6p28Ca/cspQO9jeUX/V3RbNUXXp3uxYHH8x0HvHg0c:/kN+1/cspQO9jxVUpKY8eHgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7ba1f4372bddf9b1e280c40b43455e5ed94e62f4952b0eeb0e870650f6209b87

Files

7ba1f4372bddf9b1e280c40b43455e5ed94e62f4952b0eeb0e870650f6209b87
.exe windows:4 windows x86 arch:x86

feb792160b0ff9b504498e727198c0c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
LCMapStringA
LCMapStringW
GetTimeZoneInformation
Sleep
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetTimeFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
RaiseException
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
SetErrorMode
LocalFileTimeToFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
SystemTimeToFileTime
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FreeResource
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GetLogicalDrives
FindNextFileA
FindClose
GetDriveTypeA
lstrcpyA
FindFirstFileA
CloseHandle
SetLastError
GetModuleHandleA
LoadLibraryA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
LoadLibraryExW
GetProcAddress
LoadLibraryExA
GetCurrentProcess
FindResourceA
LoadResource
LockResource
SizeofResource
GetStringTypeExA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStrings
InterlockedExchange

user32

CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
DestroyIcon
WindowFromPoint
KillTimer
SetTimer
SetParent
IsRectEmpty
GetSysColorBrush
LoadCursorA
DestroyCursor
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetMenuStringA
InsertMenuA
RemoveMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetDC
ReleaseDC
GetWindowRect
IsZoomed
GetSystemMetrics
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
EnableWindow
SendMessageA
CharUpperA
UpdateWindow
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
SetWindowRgn
DrawIcon
FindWindowA
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetPropA
UnregisterClassA
LoadIconA
GetSystemMenu
DeleteMenu
AppendMenuA
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
GetClientRect
TranslateAcceleratorA
IsWindow
GetWindowLongA
ShowWindow
GetWindow
GetDesktopWindow
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
GetClassInfoA
CreatePopupMenu
InsertMenuItemA
IsIconic
InvalidateRect
IsWindowVisible
SetActiveWindow
GetParent
LoadAcceleratorsA
ShowOwnedPopups

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
GetWindowExtEx
CreatePen
CreateSolidBrush
GetViewportOrgEx
Rectangle
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
CreateFontIndirectA
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
CreateDCA
GetDeviceCaps
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
StretchDIBits
DeleteDC
GetObjectA
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter

advapi32

GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
ShellAboutA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysAllocStringLen

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb792160b0ff9b504498e727198c0c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 176KB - Virtual size: 173KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 176KB - Virtual size: 173KB