90509b483f92e283d00fb2a66e2f72a0dd098b18edbacabefb831ce1e548c98a

Sharing

Copy URL Twitter E-mail

General

Target

90509b483f92e283d00fb2a66e2f72a0dd098b18edbacabefb831ce1e548c98a
Size

11.6MB
MD5

7abb815d1c962c71899d8e0f711bbab9
SHA1

715bf20d167d712a6db510fdcddda8ee2dfdbe7d
SHA256

90509b483f92e283d00fb2a66e2f72a0dd098b18edbacabefb831ce1e548c98a
SHA512

8ae901d561a6103bf1052d2a79585b37e1793c96854a4b6de6150588a990e2ff0a249f5bd4a040a37144fe3a3eec4ef110c0ae204f7db86971e4714491664001
SSDEEP

196608:1pvl2BhWRxYzFUIyUuDcMz2tWtZPhO8dUEdRApmm6atyBKSR8nLbqGNI:nvEaTYzWfQu2At148iURST668k5u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90509b483f92e283d00fb2a66e2f72a0dd098b18edbacabefb831ce1e548c98a

Files

90509b483f92e283d00fb2a66e2f72a0dd098b18edbacabefb831ce1e548c98a
.exe windows:5 windows x86

881303d2bf53a80bc0055d7dd493c88a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetMessagePos
CharUpperBuffW

gdi32

TextOutA

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SiG
Size: - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.@2#
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kw1
Size: 11.3MB - Virtual size: 11.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

881303d2bf53a80bc0055d7dd493c88a

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 3.3MB

.data Size: - Virtual size: 623KB

.SiG Size: - Virtual size: 7.0MB

.@2# Size: 4KB - Virtual size: 2KB

.kw1 Size: 11.3MB - Virtual size: 11.3MB

.rsrc Size: 276KB - Virtual size: 273KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 3.3MB

.data
Size: - Virtual size: 623KB

.SiG
Size: - Virtual size: 7.0MB

.@2#
Size: 4KB - Virtual size: 2KB

.kw1
Size: 11.3MB - Virtual size: 11.3MB

.rsrc
Size: 276KB - Virtual size: 273KB