e7d4b687f6021d16d3e62f82feef3190ee127fab14a11e9ef540c80b3e845a7c

Sharing

Copy URL Twitter E-mail

General

Target

e7d4b687f6021d16d3e62f82feef3190ee127fab14a11e9ef540c80b3e845a7c
Size

453KB
MD5

7ffb57710e7b119923d7fe0ea1e08062
SHA1

c553b79ce6168d1a45b1d6e4777ca73bb6dd7c63
SHA256

e7d4b687f6021d16d3e62f82feef3190ee127fab14a11e9ef540c80b3e845a7c
SHA512

1cc9745d85e9428105b396f0a6a7eece876a02edbeca4dc21426c85746be37288a5fcfaee73a7b0db08febe77d623e1191c7463399739adb29904a65b1cab7cc
SSDEEP

12288:ZLNGYMLeOT+lH6ixU/L+oCIJ//pbheWYwnBZ:ZJGYJJ6iMBJbhe4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7d4b687f6021d16d3e62f82feef3190ee127fab14a11e9ef540c80b3e845a7c

Files

e7d4b687f6021d16d3e62f82feef3190ee127fab14a11e9ef540c80b3e845a7c
.exe windows:6 windows x86

fec2eea6bfad450f6a6c93f1409dd104

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject
SelectObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetCurrentObject
GetDIBits
GetObjectA

shell32

ShellExecuteA

user32

LoadCursorA
DefDlgProcA
CreateDialogParamA
DestroyWindow
RegisterClassA
PostQuitMessage
DispatchMessageA
GetMessageA
GetClientRect
ReleaseDC
GetDC
GetCursorPos
GetForegroundWindow
GetCapture
GetQueueStatus
GetClipboardOwner
MapDialogRect
LoadIconA
CheckMenuRadioItem
GetDesktopWindow
SetWindowLongA
GetWindowLongA
MessageBeep
IsDialogMessageA
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
SetForegroundWindow
SetActiveWindow
AppendMenuA
EnableMenuItem
CheckMenuItem
CreateMenu
SetMenu
EnableWindow
KillTimer
SetTimer
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamA
SetWindowPos
MoveWindow
ShowWindow
CreateWindowExA
PostMessageA
SendMessageA
GetMessageTime
MessageBoxIndirectA
MessageBoxA

kernel32

HeapSize
CreateFileW
FlushFileBuffers
GetTimeZoneInformation
GetProcessHeap
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapReAlloc
DecodePointer
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileSizeEx
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
HeapFree
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
RaiseException
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
TerminateProcess
CloseHandle
CreateThread
FindClose
FindFirstFileA
FindNextFileA
QueryPerformanceCounter
GetProcessTimes
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetThreadTimes
GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryA
GetProcAddress
GlobalMemoryStatus
GetEnvironmentVariableA
CreateFileA
DeleteFileA
ReadFile
WriteFile
GetLastError
GetTempPathA
FreeLibrary
LoadResource
LockResource
SizeofResource
FindResourceA
SetCurrentDirectoryA
GetCurrentDirectoryA
OpenProcess
LocalAlloc
LocalFree
GetLocalTime
LoadLibraryA
FormatMessageA
GetSystemDirectoryA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetEndOfFile

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fec2eea6bfad450f6a6c93f1409dd104

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

gdi32

shell32

user32

kernel32

Sections

.text Size: 331KB - Virtual size: 331KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 331KB - Virtual size: 331KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 13KB - Virtual size: 13KB