Static task
static1
Behavioral task
behavioral1
Sample
eudcedit.exe
Resource
win10v2004-20231025-en
General
-
Target
eudcedit.exe
-
Size
372KB
-
MD5
118861b6becbb9750a8f4e020114a798
-
SHA1
80e6ae8a6e7e496342b447f009a0c416d3985774
-
SHA256
55ecca79f29b88c4b2a80e23681cdaa732da1e10aa754792226b0bd74256e1ab
-
SHA512
22f140a9e7edeb8993ac83e554c2ca3ab21e28c571bae0a7f04f32d43f559d49507d1afdec53ca09867a0f90a1378b47332d41de2e71eab71537f2b38b9e5379
-
SSDEEP
6144:ZG1o69P2+fqcdVm1Tid4e1qFjJDX/hQIwi70CUi1PZSqtYV:ZEo69P2+fq5LtN/hQIF7tX13tY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
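Checks for missing Authenticode signature. A static check of the file itself can only see an embedded signature; a file whose signature is held in a Windows security catalog would presumably be reported as unsigned as well. On its own, this finding does not settle whether the sample is a genuine Windows binary; compare the hashes above against a known-good copy from the same Windows build.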
resource eudcedit.exe
Files
-
eudcedit.exe.exe windows:10 windows x64 arch:x64
dce88ffca518310aa0a46b0b79160153
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
comdlg32
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
comctl32
InitCommonControlsEx
shell32
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellAboutW
gdi32
CreateSolidBrush
GetObjectW
GetTextExtentPoint32W
DeleteDC
CreateCompatibleDC
CreateBitmap
GetStockObject
GetBitmapBits
SetBitmapBits
BitBlt
StretchBlt
Rectangle
CreateCompatibleBitmap
PatBlt
CreatePolygonRgn
CreatePen
Ellipse
GetRgnBox
FillRgn
GetTextExtentExPointW
TranslateCharsetInfo
GetTextExtentPoint32A
ExtTextOutA
ExtTextOutW
OffsetRgn
GetTextMetricsW
GetLayout
DeleteObject
SetBkColor
SetTextColor
GetTextExtentPointW
EnumFontFamiliesW
EnableEUDC
CreateFontIndirectW
SelectObject
GetFontData
imm32
ImmConfigureIMEW
ImmSetConversionStatus
ImmSetCompositionStringW
ImmAssociateContext
ImmEscapeW
ImmIsIME
ImmGetCompositionStringW
ImmEnumRegisterWordW
ImmDestroyContext
ImmGetConversionStatus
ImmCreateContext
ImmRegisterWordW
ole32
CoInitialize
CoCreateInstance
msctf
TF_CreateInputProcessorProfiles
TF_CreateThreadMgr
oleaut32
SysAllocString
SysFreeString
advapi32
RegSetValueExW
EventRegister
EventSetInformation
EventWriteTransfer
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
EventUnregister
kernel32
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
MultiByteToWideChar
GlobalAlloc
GlobalFree
GetCurrentProcess
GlobalUnlock
lstrcmpW
lstrlenW
GetACP
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetTickCount
GetSystemWindowsDirectoryW
lstrcmpiW
CreateFileW
CloseHandle
lstrcmpA
CompareStringW
GetTempPathW
GetTempFileNameW
MoveFileExW
CreateFileMappingW
MapViewOfFile
GetFileSize
SetUnhandledExceptionFilter
WriteFile
FormatMessageW
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleExW
GetModuleFileNameA
DebugBreak
GetLastError
IsDebuggerPresent
OutputDebugStringW
SetLastError
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
LocalAlloc
WaitForSingleObject
OpenSemaphoreW
LocalFree
LocalLock
LocalUnlock
InitOnceBeginInitialize
GetCurrentProcessId
CreateMutexExW
InitOnceComplete
CreateSemaphoreExW
ReadFile
SetFilePointer
HeapSetInformation
RegisterApplicationRestart
DeleteFileW
GetSystemDefaultLCID
MoveFileW
ExpandEnvironmentStringsW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep
GetStartupInfoW
UnmapViewOfFile
RtlCaptureContext
GlobalLock
user32
DrawMenuBar
DeleteMenu
IsIconic
IsZoomed
IsWindowVisible
SetRectEmpty
GetDialogBaseUnits
SetWindowLongW
DispatchMessageW
TranslateMessage
PeekMessageW
GetSystemMetrics
SetActiveWindow
GetCapture
GetActiveWindow
SetForegroundWindow
FindWindowW
ShowScrollBar
ReleaseCapture
SetCapture
EqualRect
OffsetRect
InvertRect
ScreenToClient
GetCursorPos
UnionRect
CopyRect
SetClipboardData
EmptyClipboard
SetRect
EnumClipboardFormats
CloseClipboard
GetClipboardData
OpenClipboard
RegisterClipboardFormatW
LoadMenuW
ClientToScreen
IntersectRect
FillRect
GetClientRect
UpdateWindow
LoadIconW
EnableScrollBar
SetScrollInfo
DefWindowProcW
PostMessageW
GetWindow
GetWindowRect
GetDC
MessageBoxW
SetWindowLongPtrW
HideCaret
CreateWindowExW
SendMessageW
EndDialog
SetWindowTextW
MessageBeep
GetWindowLongPtrW
RegisterClassExW
LoadStringW
SetCaretPos
CreateCaret
GetKeyboardLayout
GetSysColor
PtInRect
SetFocus
LoadCursorW
DestroyCaret
GetDlgItem
ActivateKeyboardLayout
ShowCaret
DrawEdge
GetClassInfoExW
GetParent
IsWindow
GetDlgItemTextW
DrawIcon
SetDlgItemTextW
SetCursor
IsWindowEnabled
GetKeyboardLayoutList
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
DialogBoxParamW
mfc42u
ord1584
ord5887
ord2975
ord1471
ord822
ord3741
ord4741
ord2585
ord6636
ord4456
ord2087
ord1448
ord4122
ord2406
ord5523
ord5526
ord3481
ord1316
ord2921
ord4463
ord2397
ord5706
ord4785
ord5677
ord4775
ord6102
ord1966
ord5091
ord4759
ord4852
ord6841
ord6842
ord5444
ord4623
ord4424
ord3648
ord4363
ord6379
ord6253
ord4459
ord2136
ord2145
ord2497
ord2643
ord2644
ord4454
ord4806
ord2100
ord1053
ord647
ord428
ord4570
ord1857
ord2596
ord6556
ord2535
ord4706
ord4345
ord5838
ord4422
ord2404
ord5506
ord1716
ord1723
ord4749
ord5656
ord6806
ord5701
ord5680
ord2455
ord6457
ord6612
ord6455
ord3638
ord2089
ord4803
ord2133
ord4014
ord1036
ord613
ord4589
ord1931
ord3920
ord6110
ord337
ord852
ord1774
ord6801
ord2425
ord6440
ord4365
ord1778
ord4746
ord5663
ord2399
ord5586
ord6812
ord4694
ord5712
ord4017
ord5229
ord4789
ord2670
ord2060
ord6814
ord3933
ord5484
ord1736
ord5683
ord2457
ord2140
ord5699
ord3049
ord3243
ord3362
ord4815
ord3231
ord3366
ord3052
ord3166
ord3046
ord3535
ord4082
ord4083
ord4077
ord3164
ord4371
ord4988
ord4770
ord3805
ord1067
ord665
ord911
ord626
ord1040
ord5077
ord4473
ord6614
ord6660
ord6147
ord4548
ord1441
ord1463
ord6351
ord2665
ord3177
ord2661
ord4557
ord2898
ord3742
ord2408
ord2427
ord1574
ord286
ord3830
ord3790
ord1647
ord2900
ord2517
ord3761
ord4771
ord5702
ord4752
ord1777
ord6437
ord5406
ord5687
ord6328
ord5245
ord3183
ord4721
ord4544
ord2595
ord3820
ord2449
ord1856
ord4569
ord1650
ord1537
ord2112
ord4807
ord4612
ord310
ord826
ord1646
ord6127
ord3783
ord427
ord3740
ord336
ord851
ord3879
ord890
ord2463
ord2461
ord2420
ord3862
ord6131
ord6130
ord525
ord984
ord6577
ord5443
ord2393
ord6138
ord6243
ord6133
ord4621
ord4442
ord6511
ord2906
ord6832
ord5815
ord6880
ord6821
ord5804
ord4774
ord2456
ord5676
ord4784
ord1674
ord2671
ord5705
ord2396
ord5659
ord4364
ord4462
ord2919
ord2920
ord3536
ord5839
ord1317
ord5420
ord3482
ord4633
ord4817
ord5525
ord5521
ord3141
ord2405
ord2750
ord5522
ord2422
ord2023
ord4542
ord2589
ord4743
ord3751
ord832
ord3894
ord1035
ord6632
ord4598
ord4800
ord1063
ord659
ord1499
ord6510
ord2752
ord5065
ord3681
ord1122
ord3682
ord620
ord3916
ord4983
ord6053
ord5711
ord5730
ord4368
ord5724
ord5722
ord3468
ord2412
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord1825
ord4599
ord3774
ord867
ord6522
ord6407
ord6524
ord6603
ord6238
msvcrt
__wgetmainargs
__set_app_type
exit
_exit
_cexit
__setusermatherr
_initterm
__C_specific_handler
_wcmdln
_fmode
_commode
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
_onexit
wcstok
memcpy
_amsg_exit
_XcptFilter
_callnewh
qsort
wcsstr
wcschr
wcstol
_wtoi
??0exception@@QEAA@XZ
_vsnprintf_s
memcpy_s
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
malloc
memcmp
_CxxThrowException
_vsnwprintf
free
wcsrchr
__CxxFrameHandler4
memset
Sections
.text Size: 196KB - Virtual size: 193KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 96KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ