e073139794c63458949c0f2384a2dc4a1d4c7259aeb5b3f1b5ffd700bc2df1b7

Sharing

Copy URL Twitter E-mail

General

Target

e073139794c63458949c0f2384a2dc4a1d4c7259aeb5b3f1b5ffd700bc2df1b7
Size

10.8MB
MD5

18174eac61dfc850efa7e2ff3164aac7
SHA1

516caefce2994f98b87a16e3d087f2ea1fa99da6
SHA256

e073139794c63458949c0f2384a2dc4a1d4c7259aeb5b3f1b5ffd700bc2df1b7
SHA512

b5481bc3e4642f655658f8787ac41086a1bcef949580aeeafe8a55b3ba107c34d688077c4401958e2a1f17aa25e57fc1fabec07944ce98ed6734d38b874e2943
SSDEEP

196608:AVZQZGrE2y+EdqF6AV2NFoU+QgBDPtUeH5/b+m1VLNTU6IzULjgWP2zB7QIewD/x:WT/EdtNb2zZ/b+mR4OLjgW+zB700/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e073139794c63458949c0f2384a2dc4a1d4c7259aeb5b3f1b5ffd700bc2df1b7

Files

e073139794c63458949c0f2384a2dc4a1d4c7259aeb5b3f1b5ffd700bc2df1b7
.exe windows:5 windows x86

215f2d365febebda3463274be9e827b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

DrawFrameControl
CharUpperBuffW

gdi32

GetViewportExtEx

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayAccessData

comctl32

ImageList_Destroy

ws2_32

closesocket

wininet

InternetCloseHandle

comdlg32

GetSaveFileNameA

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

T-VMP
Size: - Virtual size: 948KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 590KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 556KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

215f2d365febebda3463274be9e827b0

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Exports

Exports

Sections

T-VMP Size: - Virtual size: 948KB

T-VMP Size: - Virtual size: 920KB

T-VMP Size: - Virtual size: 590KB

T-VMP Size: - Virtual size: 5.8MB

T-VMP Size: 4KB - Virtual size: 2KB

T-VMP Size: 8.5MB - Virtual size: 8.5MB

T-VMP Size: 8KB - Virtual size: 6KB

T-VMP Size: 1.7MB - Virtual size: 1.7MB

T-VMP Size: 4KB - Virtual size: 4KB

T-VMP Size: 556KB - Virtual size: 552KB

T-VMP Size: 8KB - Virtual size: 6KB

T-VMP
Size: - Virtual size: 948KB

T-VMP
Size: - Virtual size: 920KB

T-VMP
Size: - Virtual size: 590KB

T-VMP
Size: - Virtual size: 5.8MB

T-VMP
Size: 4KB - Virtual size: 2KB

T-VMP
Size: 8.5MB - Virtual size: 8.5MB

T-VMP
Size: 8KB - Virtual size: 6KB

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

T-VMP
Size: 4KB - Virtual size: 4KB

T-VMP
Size: 556KB - Virtual size: 552KB

T-VMP
Size: 8KB - Virtual size: 6KB