87e74ca148f8fcf0d7704c0c81c20fd10d20e36eab2a5dc2ad4ff55e8d5a0e12

Sharing

Copy URL Twitter E-mail

General

Target

87e74ca148f8fcf0d7704c0c81c20fd10d20e36eab2a5dc2ad4ff55e8d5a0e12
Size

80KB
MD5

6ef78e1684192f4dd93207e42d7353c1
SHA1

0a9d2b8e479e213d0114fc99d65547bdfbdc3d2e
SHA256

87e74ca148f8fcf0d7704c0c81c20fd10d20e36eab2a5dc2ad4ff55e8d5a0e12
SHA512

bdd1ac0fcb9927670f584bed4d2938ee75804ee8e03f1d0e390714e42e651467232bb002ed06a56499885a127b77e8e073f1f54654e2e0fab25a8acbd223d4f7
SSDEEP

1536:66ArYrAQTrP4GhR65fZEy4kv1ILK1tot7kGTsFW2myVQTAUs:PwyfvR6rEy4u1HW9sFmyVaJs

Score

N/A

Malware Config

Signatures

Files

87e74ca148f8fcf0d7704c0c81c20fd10d20e36eab2a5dc2ad4ff55e8d5a0e12
.exe windows x86

7e800ea006a06ffff20793226d715050

Code Sign

e2:2d:d9:7e:6c:e9:18:9e:53:20:c5:0e:89:50:78:2f:0d:b0:d5:f8
Signer

Actual PE Digest

e2:2d:d9:7e:6c:e9:18:9e:53:20:c5:0e:89:50:78:2f:0d:b0:d5:f8

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CloseHandle
lstrcmpiW
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetStringTypeW
LCMapStringW
WriteConsoleW
CreateProcessW
FreeLibrary
GetCommandLineW
SetStdHandle
FlushFileBuffers
WaitForSingleObject
ReleaseSemaphore
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
VirtualQuery
CreateFileW
SetUnhandledExceptionFilter
RtlCaptureContext
InterlockedDecrement
DeleteCriticalSection
CreateThread
CreateSemaphoreW
InitializeCriticalSection
InterlockedIncrement
WaitNamedPipeW
GetLastError
WaitForMultipleObjects
SetEvent
ResetEvent
WriteFile
TransactNamedPipe
SetNamedPipeHandleState
GetModuleFileNameW
LocalFree
GetTempPathW
RegisterWaitForSingleObject
CreateEventW
UnregisterWaitEx
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
ExitProcess
RaiseException
HeapFree
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
HeapAlloc
InterlockedExchange
Sleep
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RtlUnwind
HeapSize
HeapReAlloc
LoadLibraryA

user32

GetMessageW
PostQuitMessage
UnregisterClassW
PostMessageW
EnumWindows
TranslateMessage
RegisterClassExW
GetWindowTextW
GetClassNameW
CreateWindowExW
DefWindowProcW
DispatchMessageW

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExW
ConvertSidToStringSidW
GetTokenInformation
RegQueryValueExW
RegNotifyChangeKeyValue

ole32

StringFromGUID2

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e800ea006a06ffff20793226d715050

Code Sign

e2:2d:d9:7e:6c:e9:18:9e:53:20:c5:0e:89:50:78:2f:0d:b0:d5:f8Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

e2:2d:d9:7e:6c:e9:18:9e:53:20:c5:0e:89:50:78:2f:0d:b0:d5:f8
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB