9677993c64f6d8f9ddb4ec81b51371e446ea8f12a91f8d76ea0de40330b61c60

Sharing

Copy URL Twitter E-mail

General

Target

9677993c64f6d8f9ddb4ec81b51371e446ea8f12a91f8d76ea0de40330b61c60
Size

15.5MB
MD5

1cb1cb62ec972ac9ae75fbb8f117a1b5
SHA1

ffa025f4886512724643ccfcafbb6e4633d1bef3
SHA256

9677993c64f6d8f9ddb4ec81b51371e446ea8f12a91f8d76ea0de40330b61c60
SHA512

15e746aa680022c8fec6cbb9cc2aab84a41f082970c9e5478e8d57a9b158054cceafd64b7e3bb830112e99ba7f1a4442af0aa86630c872bbd9e10eae78ba23f2
SSDEEP

393216:9C3gE8HFkYBEmfn+/3eCco368x98vaJ4c9smsaJSRX7:9C3QH6NwCcO68marlsaJSRX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9677993c64f6d8f9ddb4ec81b51371e446ea8f12a91f8d76ea0de40330b61c60

Files

9677993c64f6d8f9ddb4ec81b51371e446ea8f12a91f8d76ea0de40330b61c60
.exe windows:4 windows x86

ac12247787dfefb6a966d9ea37a1a8d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA

winmm

midiStreamRestart

ws2_32

setsockopt

user32

EnumDisplaySettingsA

gdi32

LineTo

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Draw

wldap32

ord29

comdlg32

ChooseColorA

secur32

GetUserNameExA

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

shlwapi

StrTrimA

iphlpapi

GetAdaptersInfo

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 9.8MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo2
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac12247787dfefb6a966d9ea37a1a8d7

Headers

File Characteristics

Imports

kernel32

winmm

ws2_32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

comdlg32

secur32

wininet

urlmon

shlwapi

iphlpapi

Exports

Exports

Sections

.text Size: - Virtual size: 13.0MB

.mapo Size: 9.8MB - Virtual size: 9.8MB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.mapo Size: 160KB - Virtual size: 160KB

.mapo2 Size: 2.7MB - Virtual size: 2.7MB

.text
Size: - Virtual size: 13.0MB

.mapo
Size: 9.8MB - Virtual size: 9.8MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.mapo
Size: 160KB - Virtual size: 160KB

.mapo2
Size: 2.7MB - Virtual size: 2.7MB