49e2e1547e354c3f060c1314428dc3e6eb9417ea81c500b3e9e20222a79e76de

Sharing

Copy URL Twitter E-mail

General

Target

49e2e1547e354c3f060c1314428dc3e6eb9417ea81c500b3e9e20222a79e76de
Size

5.8MB
MD5

07e37381c0b7f4de6da2cb5a0456aec0
SHA1

a6734829ff41331d7622917514f91d9e4013e2f0
SHA256

49e2e1547e354c3f060c1314428dc3e6eb9417ea81c500b3e9e20222a79e76de
SHA512

61358161efdf71bfbe5426e9258e013ae6965c2648b5776f87b2dbc235f30504a00ca8318380a77c9f5e1dea1ee76f859ef64c8a4783fff9125d9f0e093f6af3
SSDEEP

98304:GbBaq20cjLz7SRHWIKL56GjZ1j8DaDpDZ3jWXIAiz7lkEK2MU2RMsAG1y+I5YR+:Sx50fIKLlz4DaDZZ3jgIAiz7luU2RMsk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49e2e1547e354c3f060c1314428dc3e6eb9417ea81c500b3e9e20222a79e76de

Files

49e2e1547e354c3f060c1314428dc3e6eb9417ea81c500b3e9e20222a79e76de
.exe windows x86

5f3a8e7665346cb059f6336194d491a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetFilePointer

user32

IsIconic

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetIcon

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: 4.5MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f3a8e7665346cb059f6336194d491a0

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 4.5MB - Virtual size: 6.3MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 208KB - Virtual size: 208KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 4.5MB - Virtual size: 6.3MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 208KB - Virtual size: 208KB

.sedata
Size: 4KB - Virtual size: 4KB