e76d1a3d31d8880801dd6de24a2ed52f88b1afa315ac2b00be0fa12cf4bba8a1

Sharing

Copy URL Twitter E-mail

General

Target

e76d1a3d31d8880801dd6de24a2ed52f88b1afa315ac2b00be0fa12cf4bba8a1
Size

120KB
MD5

8da4758347389ca3daead5cbfb1a109f
SHA1

ecdbca3090f5b167fa6253746bb6a9ad0b456996
SHA256

e76d1a3d31d8880801dd6de24a2ed52f88b1afa315ac2b00be0fa12cf4bba8a1
SHA512

7dd9c3c2a2bf8d30b95fbaa18ed29216b46441fd7d1f9ec6c82e4c40af954185e9f791f842f99a8d77fc9dfc36ba5fef59b10221cc634251f9b8fceba768f449
SSDEEP

3072:idAjgEDAhtfOje+0wPOdX1SUD50A7PUQeGvIg:o81DOzD5eQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e76d1a3d31d8880801dd6de24a2ed52f88b1afa315ac2b00be0fa12cf4bba8a1

Files

e76d1a3d31d8880801dd6de24a2ed52f88b1afa315ac2b00be0fa12cf4bba8a1
.exe windows x86

30d950d61077e5614ca1b41bf8d8722b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
DeviceIoControl
GetLogicalDriveStringsA
ReadFile
CreateThread
GetLocalTime
lstrlenA
Sleep
GetExitCodeThread
GetUserDefaultLangID
CompareStringW
CompareStringA
FlushFileBuffers
RtlUnwind
SetStdHandle
LoadLibraryA
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetLastError
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetProcAddress
ExitProcess
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
VirtualAlloc
GetWindowsDirectoryA
CopyFileA
GetCurrentDirectoryA
QueryDosDeviceA
GetStringTypeW
FormatMessageA
CloseHandle
OutputDebugStringA
CreateFileA
SetFilePointer
VirtualFree
HeapCreate
WriteFile
GetStringTypeA
HeapDestroy
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapAlloc
HeapFree
SetEnvironmentVariableA

user32

LoadImageA
LoadIconA
GetWindowLongA
SetWindowLongA
DestroyWindow
IsWindowEnabled
GetWindowTextA
GetDlgItemTextA
DialogBoxParamA
PostMessageA
PostQuitMessage
RegisterDeviceNotificationA
DefWindowProcA
IsDlgButtonChecked
SendMessageA
ShowWindow
SetTimer
KillTimer
MessageBoxA
EnableWindow
GetDlgItemInt
GetDC
GetClientRect
FillRect
SetDlgItemInt
GetDlgItem
SetFocus
CheckDlgButton
EndDialog
SetDlgItemTextA
SetWindowTextA
SendDlgItemMessageA
UnregisterDeviceNotification

gdi32

DeleteObject
CreatePen
SelectObject
MoveToEx
LineTo
CreateSolidBrush

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

shell32

StrStrIA

comctl32

PropertySheetA

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30d950d61077e5614ca1b41bf8d8722b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

setupapi

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 185KB

.rsrc Size: 20KB - Virtual size: 40KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 185KB

.rsrc
Size: 20KB - Virtual size: 40KB