e3b4abd661830aexeexeexeex[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

e3b4abd661830aexeexeexeex.exe
Size

1.6MB
MD5

e3b4abd661830abdc6d79e0cb394e2d3
SHA1

67a94b6ed20e19154622c9ab4dc0fbfb8b8d7411
SHA256

9b98cd18fa2a9a35f8d5c8f6aee566c2a2adbe1edd4bdff9b68ea9bd498634af
SHA512

58fa9c57ab135ac5299d5786120d452733226ff0b3a3386297354a44cf53ffd6ab1f02eb94779cb31da26d16602210418f9efc68228a6ef2d6c854e2a5c74379
SSDEEP

49152:cG733/ADWC/vEhTSKPdG9F+bGmFaFjVqFH:r7H/ADWC/chewGoz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3b4abd661830aexeexeexeex.exe

Files

e3b4abd661830aexeexeexeex.exe
.exe windows x86

91173f0b117cf85750bc6765f496d3da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipDeleteGraphics
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdiplusStartup
GdipDrawImageRectRect
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRect
GdipGetImageDimension
GdipCreateBitmapFromStreamICM
GdipCreateFromHDC
GdipCloneImage
GdipDisposeImage
GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteFont

kernel32

WaitForSingleObject
ExitProcess
SetEvent
AttachConsole
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
SetConsoleCursorPosition
WriteConsoleW
GetTickCount
WaitForMultipleObjects
GetModuleHandleW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
SizeofResource
LockResource
ConnectNamedPipe
CreateNamedPipeW
WaitNamedPipeW
InitializeCriticalSection
LeaveCriticalSection
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
EnterCriticalSection
SetNamedPipeHandleState
DeleteCriticalSection
_llseek
QueryPerformanceCounter
_lclose
WriteFile
FormatMessageW
GetLocalTime
QueryPerformanceFrequency
GetCurrentThreadId
LocalFree
GetFullPathNameW
GetEnvironmentVariableW
CreateDirectoryW
GetFileAttributesW
GetCurrentDirectoryW
GetLongPathNameW
GetFileSize
SetFilePointer
VirtualQueryEx
CopyFileW
ReadProcessMemory
ReadFile
GetFileSizeEx
DeleteFileW
MapViewOfFile
ResumeThread
OpenFileMappingW
SearchPathW
ExpandEnvironmentStringsW
FindFirstFileW
FreeLibrary
GetSystemTimeAsFileTime
CreateEventA
GetProcAddress
ResetEvent
LoadLibraryA
GetModuleHandleA
FindNextFileW
GetWindowsDirectoryW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
FindClose
RemoveDirectoryW
SetFileAttributesW
CreateFileMappingW
CreateMutexW
InterlockedCompareExchange
WaitForSingleObjectEx
GetACP
LoadLibraryW
GetShortPathNameW
MoveFileW
GetFileAttributesExW
GetVersionExA
SetEndOfFile
LoadLibraryExW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
RtlUnwind
RaiseException
GetCPInfo
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapFree
HeapAlloc
GetTimeZoneInformation
lstrlenA
DecodePointer
EncodePointer
GetStringTypeW
MultiByteToWideChar
InterlockedExchange
WideCharToMultiByte
GetOEMCP
IsValidCodePage
GetCurrentProcessId
TerminateProcess
SetLastError
GetCurrentProcess
DuplicateHandle
CreateEventW
CreateProcessW
CloseHandle
GetLastError
CreateThread
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
HeapSize
IsProcessorFeaturePresent
HeapCreate
UnmapViewOfFile
ReleaseMutex
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

KillTimer
PeekMessageW
BeginPaint
CreateWindowExW
GetDesktopWindow
GetWindowRect
RegisterClassExW
LoadCursorW
wsprintfW
DefWindowProcW
ShowWindow
UpdateWindow
IsWindow
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
MessageBoxW
InvalidateRect
DrawTextW
EndPaint
SetLayeredWindowAttributes

gdi32

SetDCPenColor
SetDCBrushColor
GetStockObject
SetBkMode
SetTextColor
DeleteObject
GetTextExtentPoint32W
SelectObject
CreateFontIndirectW
GetDeviceCaps
Rectangle

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
EnumServicesStatusExW
QueryServiceConfigW
ControlService
GetServiceDisplayNameW
QueryServiceStatusEx
SetServiceStatus
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
ChangeServiceConfig2W
QueryServiceConfig2W
OpenServiceW
EnumDependentServicesW
OpenSCManagerW
DeleteService
CloseServiceHandle
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

SHChangeNotify
SHGetSpecialFolderLocation
SHBindToParent
SHCreateDirectoryExW
SHGetFolderPathW
SHGetMalloc

ole32

CoCreateInstance
CoInitialize
OleRun
CreateStreamOnHGlobal

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

shlwapi

StrRetToBufW

Sections

.text
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91173f0b117cf85750bc6765f496d3da

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 976KB - Virtual size: 976KB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 8KB - Virtual size: 141KB

.rsrc Size: 394KB - Virtual size: 394KB

.reloc Size: 68KB - Virtual size: 68KB

.text
Size: 976KB - Virtual size: 976KB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 8KB - Virtual size: 141KB

.rsrc
Size: 394KB - Virtual size: 394KB

.reloc
Size: 68KB - Virtual size: 68KB