e27a55328bddcec367f428ca520aa7ce99c5451e8dd6c710a150f60bf54688f7

Sharing

Copy URL Twitter E-mail

General

Target

e27a55328bddcec367f428ca520aa7ce99c5451e8dd6c710a150f60bf54688f7
Size

146KB
MD5

7cca135ecf2f056c998d8def79518a95
SHA1

ef6ac44255618482dabf15f24a7ec9e116342399
SHA256

e27a55328bddcec367f428ca520aa7ce99c5451e8dd6c710a150f60bf54688f7
SHA512

9883cc0e56e78cd2e0e9d8cf511d9adb9a0e55adf14510425359203e5448acf8f2e951f9f5b0ce79adc93130e71062b297a905bad50867d86b143328ccc4765b
SSDEEP

1536:u33zDSYY9/jMRBKxsae8SRlNgtjB9+qol6WnGHAUJsyB5:unz2z/jMwe8YcB9+qol6WGHAUDB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e27a55328bddcec367f428ca520aa7ce99c5451e8dd6c710a150f60bf54688f7

Files

e27a55328bddcec367f428ca520aa7ce99c5451e8dd6c710a150f60bf54688f7
.exe windows:4 windows x86

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindFirstFileA
FindNextFileA
MoveFileExA
GetVersionExA
RemoveDirectoryA
GetPrivateProfileStringA
GetLocalTime
CreateDirectoryA
LoadResource
LockResource
GetFileAttributesA
LoadLibraryA
GlobalLock
DeleteFileA
FreeResource
SetErrorMode
lstrcatA
GetWindowsDirectoryA
FreeLibrary
GlobalUnlock
GlobalFree
SizeofResource
_lcreat
_lwrite
_lclose
WinExec
CreateProcessA
WaitForSingleObject
WritePrivateProfileStringA
GetProcAddress
lstrcpynA
FileTimeToLocalFileTime
MultiByteToWideChar
GetFileTime
_lread
FileTimeToDosDateTime
_llseek
_lopen
GetDriveTypeA
GetSystemDirectoryA
MulDiv
lstrcmpA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
lstrlenA
CopyFileA
GetTempPathA
GetTempFileNameA
GetPrivateProfileIntA
FindResourceA
GlobalAlloc
FindClose
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualFree
HeapCreate
OpenFile
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
MoveFileA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetCPInfo
GetOEMCP
HeapDestroy
GetACP

user32

RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
LoadBitmapA
PeekMessageA
SetTimer
TranslateMessage
CreateWindowExA
GetSystemMetrics
SetWindowTextA
GetMessageA
GetSysColor
LoadCursorA
SetCursor
EnableWindow
IsWindowVisible
CreateDialogParamA
IsDialogMessageA
PostMessageA
MessageBoxA
wsprintfA
ExitWindowsEx
EndPaint
PostQuitMessage
GetClientRect
BeginPaint
ReleaseDC
InvalidateRect
GetDC
DefWindowProcA
MoveWindow
GetWindowRect
SetDlgItemTextA
EndDialog
GetDlgItemTextA
SetRect
ScreenToClient
GetDlgItem
GetWindowTextA
SendDlgItemMessageA
SetFocus
OemToCharA
CharNextA
GetDialogBaseUnits
FillRect
DrawIcon
LoadStringA
GetParent
EnumChildWindows
FindWindowA
SendMessageA
DdeCreateDataHandle
DdeInitializeA
DdeConnect
DestroyWindow
DdeClientTransaction
DdeDisconnect
DdeUninitialize
DialogBoxParamA
DispatchMessageA
KillTimer
DdeFreeDataHandle
DdeGetData
DdeCreateStringHandleA

gdi32

DeleteObject
GetTextExtentPointA
TextOutA
GetObjectA
SetBkMode
CreateFontA
SetTextColor
DeleteDC
BitBlt
GetDeviceCaps
PatBlt
CreateSolidBrush
CreateCompatibleDC
RealizePalette
SelectPalette
SelectObject
SetBkColor
MoveToEx
ExtTextOutA
LineTo
CreateFontIndirectA
CreatePen
CreateCompatibleBitmap
CreateDIBitmap
StretchBlt
GetStockObject
CreatePalette

comdlg32

GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
DeleteService
ControlService
OpenServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d63d7d1531d0edfa02fa4fcef7eaac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 73KB - Virtual size: 73KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 73KB - Virtual size: 73KB