e63c60aa59b4796fc7f0ad72453a9701ae68eec182f9726f6aef267f4ddacdf0

Sharing

Copy URL

Twitter E-mail

General

Target

e63c60aa59b4796fc7f0ad72453a9701ae68eec182f9726f6aef267f4ddacdf0
Size

148KB
MD5

01200cb00aaaf9d2b734b065776e491e
SHA1

e4e5b233795f962831ee76e418836bbac8069c50
SHA256

e63c60aa59b4796fc7f0ad72453a9701ae68eec182f9726f6aef267f4ddacdf0
SHA512

f093f920fa9fb53a1f8375e8d3f19e831b708fdba3aa78bfd0813fb83da1e04e63afab9a910ce3a59b6b9924335e3cf93dd3762a74be433a6748d34164c15717
SSDEEP

3072:R7VWoOghmpIMHnWPlJX57HOFMXEBqyb7htZzKeP:RpWvpMP1lwrZzKeP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e63c60aa59b4796fc7f0ad72453a9701ae68eec182f9726f6aef267f4ddacdf0

Files

e63c60aa59b4796fc7f0ad72453a9701ae68eec182f9726f6aef267f4ddacdf0
.exe windows x86

ec47a84dfc3ce927552737479d5be9ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
DecodePointer
DeleteCriticalSection
FreeLibrary
GetProcAddress
GetModuleHandleW
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
RaiseException
GetCurrentThreadId
CloseHandle
CreateFileW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
GetProcessHeap
GetFileType
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetFilePointerEx
EnterCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
ExitProcess
GetLastError
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
WriteConsoleW
FindFirstFileExW
FindClose
SetStdHandle
EncodePointer
InitializeSListHead
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
WriteFile

user32

DestroyWindow
DefWindowProcW
CharNextW

advapi32

RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW

ole32

CoCreateInstance
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec47a84dfc3ce927552737479d5be9ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 5KB - Virtual size: 4KB