e70f16a3fbc4577962a3d95a9cbc2264c1911214b8fe01856cb4c48facdaf568

Sharing

Copy URL Twitter E-mail

General

Target

e70f16a3fbc4577962a3d95a9cbc2264c1911214b8fe01856cb4c48facdaf568
Size

1.2MB
MD5

f770ede333e70c7a34c5a76e4587fc35
SHA1

03c630b36cb60a66d7e2a0f000f56d90cfc5344e
SHA256

e70f16a3fbc4577962a3d95a9cbc2264c1911214b8fe01856cb4c48facdaf568
SHA512

97bb00e412ea950a06c6d16c8399b6d397cf2c3933b5bfb463dff962c60ac092acbd90c7c21c14dba29eff875641ee9d83f60dc17d80cd854fa526383d2a75b0
SSDEEP

24576:7ZF28UHB0W2/Q2JOt934J7Z6bQaj1BvUm9J:tlUhs7JE3jM2ce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e70f16a3fbc4577962a3d95a9cbc2264c1911214b8fe01856cb4c48facdaf568

Files

e70f16a3fbc4577962a3d95a9cbc2264c1911214b8fe01856cb4c48facdaf568
.exe windows:5 windows x86

55ad07890b9f3c9d308dadb00e8ec550

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcef

cef_log
cef_process_message_create
cef_dictionary_value_create
cef_v8context_get_current_context
cef_v8value_create_bool
cef_execute_process
cef_v8value_create_string
cef_v8value_create_function
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_multimap_alloc
cef_string_multimap_free
cef_post_task
cef_api_hash
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_string_list_free
cef_string_list_alloc
cef_v8value_create_int
cef_string_userfree_utf16_free
cef_register_extension
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf16_cmp
cef_string_utf8_to_utf16
cef_string_utf16_set
cef_string_utf16_clear

kernel32

GetStartupInfoW
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
CreateFileW
CloseHandle
SetEnvironmentVariableW
GetCommandLineW
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
InitializeCriticalSectionAndSpinCount
GetLastError
DeleteCriticalSection
GetModuleFileNameW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
IsDebuggerPresent

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_BADOFF@std@@3_JB
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

vcruntime140

__vcrt_InitializeCriticalSectionEx
memset
memcpy
_except_handler4_common
_CxxThrowException
__CxxFrameHandler3
memchr
wcsrchr
_purecall
__std_exception_copy
__std_exception_destroy
__std_terminate
memmove

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_initialize_onexit_table
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_wide_environment
_configure_wide_argv
_controlfp_s
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_invalid_parameter_noinfo_noreturn
terminate
_invalid_parameter_noinfo
_errno
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

isdigit
strpbrk

api-ms-win-crt-convert-l1-1-0

_wtoi64

api-ms-win-crt-filesystem-l1-1-0

_waccess

api-ms-win-crt-math-l1-1-0

__setusermatherr
_except1

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 584KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55ad07890b9f3c9d308dadb00e8ec550

Headers

DLL Characteristics

File Characteristics

Imports

libcef

kernel32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 270KB - Virtual size: 270KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 2KB - Virtual size: 3KB

.gfids Size: 512B - Virtual size: 84B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 375KB - Virtual size: 374KB

.reloc Size: 584KB - Virtual size: 588KB

.text
Size: 270KB - Virtual size: 270KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 2KB - Virtual size: 3KB

.gfids
Size: 512B - Virtual size: 84B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 375KB - Virtual size: 374KB

.reloc
Size: 584KB - Virtual size: 588KB