e976116676c9cd8f99694a89dfdd1c979f72ac16fd1d9895a62dbe7cdbdbc2cd

Sharing

Copy URL Twitter E-mail

General

Target

e976116676c9cd8f99694a89dfdd1c979f72ac16fd1d9895a62dbe7cdbdbc2cd
Size

171KB
MD5

5a691c903ce3ca3b456832f140a44277
SHA1

a035a065331113bbf18af553d15ad09af964aed5
SHA256

e976116676c9cd8f99694a89dfdd1c979f72ac16fd1d9895a62dbe7cdbdbc2cd
SHA512

0d911b32a3d36d0722b3119b19cf4865a53dc1832b63f3a17a2f06cb08b28e6de80a8d53aa4f14e399c91e6a20484cc1b99737ed0f07af8ce320df631b9a63b5
SSDEEP

3072:TC8Jg48ynhtgVB4QQWPtiEWdnRPaVYvr/02NhRS:WhPynhtgX4UNbehR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e976116676c9cd8f99694a89dfdd1c979f72ac16fd1d9895a62dbe7cdbdbc2cd

Files

e976116676c9cd8f99694a89dfdd1c979f72ac16fd1d9895a62dbe7cdbdbc2cd
.exe windows x86

bcd060e65fcdb3106f8723b9d6ddce5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CloseServiceHandle
ControlService
DeleteService
OpenSCManagerA
OpenServiceA

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FindResourceA
FindResourceExA
FormatMessageA
FreeLibrary
FreeResource
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadLocale
GetThreadPriority
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
OutputDebugStringA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetEndOfFile
SetEvent
SetFilePointer
SetLastError
SetProcessAffinityMask
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerA
CharLowerBuffA
CharLowerBuffW
CharUpperA
CharUpperBuffA
CharUpperBuffW
GetSystemMetrics
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bcd060e65fcdb3106f8723b9d6ddce5b

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 28KB - Virtual size: 28KB

.bss Size: - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 28KB - Virtual size: 28KB

.bss
Size: - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB