e031bea9b724c9ef4334d5161c99890ac6f4dc4d61f494fb92f8a301f07ce0cc

Sharing

Copy URL Twitter E-mail

General

Target

e031bea9b724c9ef4334d5161c99890ac6f4dc4d61f494fb92f8a301f07ce0cc
Size

928KB
MD5

d73f890f6a65e371afa564edae8d6458
SHA1

c9d1aa6011d775b3bcd280df2a5bb26c2db1a1d6
SHA256

e031bea9b724c9ef4334d5161c99890ac6f4dc4d61f494fb92f8a301f07ce0cc
SHA512

faf9a35811e418ff5799774513df9d3c2392ddb950e982e01929fe94e75683728d94188116ab4a6db7619b98dd5e06e4ec209993300489f98c02a62a048a4284
SSDEEP

12288:/h4CL/Hlj2oDUPzLmOZ2GKKzUWiu+G+pKdYdb6m32FfqsiTYrhz9unjl:/htL/HlqoDrO8qUWiu+G+/moTTYr9Ajl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e031bea9b724c9ef4334d5161c99890ac6f4dc4d61f494fb92f8a301f07ce0cc

Files

e031bea9b724c9ef4334d5161c99890ac6f4dc4d61f494fb92f8a301f07ce0cc
.exe windows x86

b4f0584ec2ce181d5ad7fb0ee7e5b148

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
GetProcAddress
CreateProcessW
WaitForSingleObject
GetModuleHandleW
GetExitCodeProcess
WaitForMultipleObjects
CloseHandle
LocalFree
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetCurrentThreadId
GetCurrentProcess
GetModuleFileNameW
QueryDosDeviceW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryW
FindFirstFileW
CreateFileW
GetLongPathNameW
GetFileAttributesExW
GetCurrentProcessId
FindResourceW
LoadResource
LockResource
GetSystemInfo
lstrcmpiW
GetLogicalDriveStringsW
GetFullPathNameW
SetFileTime
GetFileAttributesW
lstrlenW
GetTempPathW
GetCurrentDirectoryW
DeleteFileW
FindClose
FindNextFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
GetFileTime
GetLastError
SetEnvironmentVariableA
GetTimeZoneInformation
ExitThread
CreateThread
FormatMessageW
GetFileSizeEx
GetLocalTime
CreateMutexW
GetModuleHandleExW
ReleaseMutex
GetEnvironmentVariableW
VirtualQuery
GetUserDefaultLangID
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapReAlloc
RaiseException
RtlUnwind
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetLastError
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
LoadLibraryExW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringW
SetStdHandle
FlushFileBuffers
WriteConsoleW
ExpandEnvironmentStringsW
FileTimeToSystemTime
InterlockedExchangeAdd
SetEvent
ResumeThread
ResetEvent
DeviceIoControl
InterlockedExchange
GlobalMemoryStatusEx
GetCommandLineW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetSpecialFolderPathW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFileExistsW

Exports

Exports

Run

Sections

.text
Size: 749KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4f0584ec2ce181d5ad7fb0ee7e5b148

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

version

shlwapi

Exports

Exports

Sections

.text Size: 749KB - Virtual size: 748KB

.rdata Size: 146KB - Virtual size: 146KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 749KB - Virtual size: 748KB

.rdata
Size: 146KB - Virtual size: 146KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 34KB - Virtual size: 34KB