e4086d29dd39553475fb21d762d11a04017b2bf32f0aa1231a1864df3be6cb9a

Sharing

Copy URL

Twitter E-mail

General

Target

e4086d29dd39553475fb21d762d11a04017b2bf32f0aa1231a1864df3be6cb9a
Size

1.7MB
MD5

851ccec444f2ecbfeabe5b16d98abaa1
SHA1

bfbd2972970248073541027b6745c5f8e185adf6
SHA256

e4086d29dd39553475fb21d762d11a04017b2bf32f0aa1231a1864df3be6cb9a
SHA512

fd8d411f1697e5b87796678abda4614aaed6b93ad346ac4cbc022a2495304cf249856cacf037981e2b9b0236fff0d9045473b1f1d20632c91dbf32870e86d6a6
SSDEEP

49152:nkOGrK7GR+KqaPkGtPn1Q3x2JLM2+TNP8tomlN/:QrKqR+KqaPkGtPn1Yx2J7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4086d29dd39553475fb21d762d11a04017b2bf32f0aa1231a1864df3be6cb9a

Files

e4086d29dd39553475fb21d762d11a04017b2bf32f0aa1231a1864df3be6cb9a
.exe windows x86

2bfff525d91602b7475e23c5a057fcbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetFileTime
OutputDebugStringW
SetEnvironmentVariableA
WriteConsoleW
OpenMutexW
CloseHandle
SetFilePointer
WriteFile
GetModuleFileNameW
CreateFileW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetEnvironmentVariableW
VirtualQuery
GetLogicalDriveStringsW
QueryDosDeviceW
GetUserDefaultLangID
CreateProcessW
WaitForSingleObject
GetModuleHandleW
GetExitCodeProcess
GetLastError
GetProcAddress
WaitForMultipleObjects
LocalFree
SearchPathW
GetDriveTypeW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetShortPathNameW
GetCurrentProcess
OpenProcess
WideCharToMultiByte
GetACP
MultiByteToWideChar
CreateMutexW
Sleep
ReleaseMutex
TryEnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
ExpandEnvironmentStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
HeapAlloc
HeapFree
GetProcessHeap
GlobalAlloc
GetVersionExW
GlobalFree
FreeLibrary
LoadLibraryW
FindResourceW
LoadResource
LockResource
GetSystemInfo
lstrcmpiW
FindClose
FindNextFileW
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
SetFileTime
GetSystemDirectoryW
CopyFileW
GetFileAttributesW
lstrlenW
GetTempPathW
GetCurrentDirectoryW
MoveFileW
SetCurrentDirectoryW
RemoveDirectoryW
GetWindowsDirectoryW
DeleteFileW
SetFileAttributesW
GetFileSize
SetEndOfFile
ReadFile
SetConsoleCtrlHandler
LoadLibraryExW
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
LocalFileTimeToFileTime
InterlockedExchangeAdd
SetEvent
GetTickCount
InitializeCriticalSectionAndSpinCount
ResumeThread
ResetEvent
CreateEventW
OpenEventW
DeviceIoControl
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
RaiseException
DecodePointer
LoadLibraryA
lstrcatW
lstrcpyW
GetFileSizeEx
FormatMessageW
EncodePointer
GetStringTypeW
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
GetSystemTimeAsFileTime
CreateThread
ExitThread
RtlUnwind
FatalAppExitA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
IsValidCodePage
GetOEMCP
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle

user32

UnregisterClassW

shell32

SHGetFolderPathW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bfff525d91602b7475e23c5a057fcbe

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

shell32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 253KB - Virtual size: 253KB

.data Size: 11KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 63KB - Virtual size: 62KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 253KB - Virtual size: 253KB

.data
Size: 11KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 63KB - Virtual size: 62KB