msEcho32[.]exe

General

Target

msEcho32.exe
Size

44KB
MD5

ed4e52ad39139423133bb49c697689d7
SHA1

1abb15356364a1e84686c8760288b77c67e7e0b5
SHA256

d62fa4d9ad5cded8a0e45b12c4a7c0659396391715fed322b786fc61bef35079
SHA512

dc40f5cf62172d817e71ce6c3dfd2135b2b272935d33116ce9c22ccaf9299163f9beeb17649e1efacc0c802011b7b2569e03f8ae00d51ed02d05b0a6a2ecf101
SSDEEP

384:WcxJWYOEW4izAmBsGCyrjxmlxc3yyA1iqarh6oIKWI7aP:xo4QAHGFNyF1x8h6opWh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
msEcho32.exe

Files

msEcho32.exe
.exe windows:4 windows x86

5638ae26c5ac3f285e7a536d279012e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

EndDialog
DialogBoxParamA
PostMessageA
RegisterWindowMessageA
SetDlgItemInt
SetDlgItemTextA
SetScrollPos
SetScrollRange
GetDlgItem
SetWindowPos
SetWindowTextA
SendDlgItemMessageA
LoadBitmapA
MessageBoxA
SendMessageA
GetWindowLongA
SetClassLongA
LoadIconA
wsprintfA

mshare32

MidiClose
MidiGetName
MidiSetName
MidiConnect
MidiSetRcvAlarm
MidiOpen
MidiShare
MidiTask
MidiFreeEv
MidiGetEv
MidiSendAt
MidiCopyEv
MidiGetVersion

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.global
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5638ae26c5ac3f285e7a536d279012e6

Headers

File Characteristics

Imports

kernel32

user32

mshare32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.global Size: 4KB - Virtual size: 4B

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.global
Size: 4KB - Virtual size: 4B

.rsrc
Size: 12KB - Virtual size: 10KB