13e9d3725b9be0bee828edbf97ac7e37

Sharing

Copy URL Twitter E-mail

General

Target

13e9d3725b9be0bee828edbf97ac7e37
Size

13.2MB
MD5

13e9d3725b9be0bee828edbf97ac7e37
SHA1

fc653ddfd0636c318d1e566e2ace1dae315ee10b
SHA256

a07b1ebbf4ecfadac3a11d4f5956c81e70029a73465f521e7749130ea9a268e7
SHA512

e6afa319a952b130505dbca998063aab2271f4a65ae8f2c339d8e04ab5d3964e21bbf691e42b9c3d8ed424653898f5eefb95abced32ad7624e82ac69d07fcd66
SSDEEP

6144:ggQR78K60YUjRUVxnYbZ4mrccKS0jF02HSLmDX:r4LYUjRaYd4mABlRHS8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13e9d3725b9be0bee828edbf97ac7e37

Files

13e9d3725b9be0bee828edbf97ac7e37
.exe windows:5 windows x86 arch:x86

a98e8a332f8ce452115dc3defb8cd314

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
HeapReAlloc
GetNativeSystemInfo
CopyFileExW
TlsGetValue
GetStringTypeA
InterlockedIncrement
GetCommState
ReadConsoleA
GetNamedPipeHandleStateA
CreateDirectoryW
GlobalLock
SetHandleInformation
GetProfileStringW
CancelWaitableTimer
FreeEnvironmentStringsA
GetPrivateProfileStringW
GetCommandLineA
GlobalAlloc
LoadLibraryW
TerminateThread
GetSystemWindowsDirectoryA
VerifyVersionInfoA
EnumResourceLanguagesA
IsDBCSLeadByte
GetCompressedFileSizeA
GetSystemDirectoryA
lstrlenW
SetThreadPriority
GetStartupInfoW
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedExchange
GetStartupInfoA
GetStdHandle
GetCPInfoExW
GetLastError
GetThreadLocale
GetProcAddress
EnterCriticalSection
CreateMemoryResourceNotification
DisableThreadLibraryCalls
LoadLibraryA
HeapLock
FindAtomA
SetSystemTime
GetOEMCP
Process32NextW
FindNextFileA
WriteProfileStringA
GetModuleHandleA
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetCurrentThreadId
LocalSize
UnregisterWaitEx
LCMapStringW
CopyFileExA
GetVolumeInformationW
HeapValidate
IsBadReadPtr
RaiseException
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
RtlUnwind
GetACP
GetCPInfo
IsValidCodePage
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
HeapSize
VirtualAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
CloseHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA

winhttp

WinHttpWriteData

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13.0MB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a98e8a332f8ce452115dc3defb8cd314

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winhttp

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 68KB - Virtual size: 123KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 13.0MB - Virtual size: 13KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 68KB - Virtual size: 123KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 13.0MB - Virtual size: 13KB