2113378fa353bf89ea15cdd9aa79c4ed41fa771472e1c706c0c5f6a4db26ae7b

Sharing

Copy URL Twitter E-mail

General

Target

2113378fa353bf89ea15cdd9aa79c4ed41fa771472e1c706c0c5f6a4db26ae7b
Size

164KB
MD5

1a3f76857806beeb81356d35ce6c2f3d
SHA1

78251a0113a9a3bc48a93d437eaff0fa3eb15182
SHA256

2113378fa353bf89ea15cdd9aa79c4ed41fa771472e1c706c0c5f6a4db26ae7b
SHA512

83b7e4f6cd8eb944b6df98de6c3d2c12dc4048a3e7c8f07a52645b29d51c4f146986c2e0e0daa3f4a34a469170a7677f9fba5e3e0dfaad7597fc99279f77e907
SSDEEP

3072:xmd64sOScpJjB10K7DG2xCKTRigeoeWaLH4gjgLd8ys0WKFPwuE2B9NCVdDq:xJjIJVuK7DGiRXeWaLh8Ld870WcPwM9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2113378fa353bf89ea15cdd9aa79c4ed41fa771472e1c706c0c5f6a4db26ae7b

Files

2113378fa353bf89ea15cdd9aa79c4ed41fa771472e1c706c0c5f6a4db26ae7b
.exe windows x86

e7ecb14baeef11ff4eee19206e301fdc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmDriverAddW
acmFormatTagDetailsW
acmDriverDetailsW
acmDriverRemove
acmFormatDetailsW

setupapi

SetupDiGetClassDescriptionW
SetupDiDeleteDeviceInfo
SetupGetInfFileListA
SetupDuplicateDiskSpaceListA
SetupDiSetSelectedDevice

mapi32

ord148
ord42
ord48
ord68
ord170
ord133

shell32

ShellExecuteExA
SHAppBarMessage
FindExecutableA
SHEmptyRecycleBinW
SHGetDesktopFolder

gdi32

EnumFontFamiliesExA
CreatePalette
StrokePath
CopyEnhMetaFileA
GetColorSpace

winmm

joySetCapture
joy32Message
mixerSetControlDetails
midiStreamPause
mmioInstallIOProcA

avifil32

AVIFileGetStream
AVIFileInit
AVIStreamSampleToTime
AVISave
AVIStreamOpenFromFileW

kernel32

GetProcessHeap
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetCommandLineW
SetFilePointerEx
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
FreeEnvironmentStringsW
CloseHandle
FindNextFileA
FindFirstFileExA
FindClose
CreateFileW
WriteConsoleW
DecodePointer
GetCommandLineA
EnterCriticalSection
VirtualProtect
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
GetLastError
SetLastError
RaiseException
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
LCMapStringW
GetFileType

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7ecb14baeef11ff4eee19206e301fdc

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

setupapi

mapi32

shell32

gdi32

winmm

avifil32

kernel32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 30KB - Virtual size: 32KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 30KB - Virtual size: 32KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 5KB - Virtual size: 5KB