e0c27104035b1acc29ee7d3f5157bce782f8dd87603eb72804eed2f4a46c88de

Sharing

Copy URL Twitter E-mail

General

Target

e0c27104035b1acc29ee7d3f5157bce782f8dd87603eb72804eed2f4a46c88de
Size

127KB
MD5

59099cfa01ef8c1d70cba49401b5f056
SHA1

9d831b9a972ab106a5f7a793c648d79ec4e53abe
SHA256

e0c27104035b1acc29ee7d3f5157bce782f8dd87603eb72804eed2f4a46c88de
SHA512

a90c448890d7d69a886d378d60b473c35956fd3a0a7804ca6e13aa5d3faaeaaee4a54a3835e9b7a827b1e6442d932548ebd19f943029271287ae0b55ba153948
SSDEEP

1536:RgO/zhPmZa4LQ8M2mIEHpzEM9UnBtzWePaHzALKhyQnurAOi1POaRHv5iTM:RhEjtaJzErj9FqQsgSv5iTM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0c27104035b1acc29ee7d3f5157bce782f8dd87603eb72804eed2f4a46c88de

Files

e0c27104035b1acc29ee7d3f5157bce782f8dd87603eb72804eed2f4a46c88de
.exe windows:5 windows x86

b88275541956d5d5f420e69ffd6dda2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
SetErrorMode
GetProcAddress
LocalFree
GetCurrentThreadId
InterlockedDecrement
GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExA
WideCharToMultiByte
GetCurrentProcess
GetComputerNameA
GetPrivateProfileStringA
FindClose
FindNextFileA
lstrlenA
CloseHandle
CreateFileA
lstrcpyA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileIntA
Sleep
GetTickCount
WinExec
GlobalDeleteAtom
GlobalFindAtomA
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
FindFirstFileA
HeapSize
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
ExitProcess
GetConsoleMode
GetConsoleCP
WriteFile
VirtualAlloc
InterlockedIncrement
InterlockedExchange
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
VirtualFree

user32

wsprintfA
FindWindowA
PostMessageA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus

ole32

OleInitialize
OleUninitialize

oleaut32

VariantClear

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b88275541956d5d5f420e69ffd6dda2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 824B

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 824B