e467d8b3be671410ea554a41437e1b3c

Sharing

Copy URL Twitter E-mail

General

Target

e467d8b3be671410ea554a41437e1b3c
Size

392KB
MD5

e467d8b3be671410ea554a41437e1b3c
SHA1

ec2470e5a8c21169b1bf90fc9227ca7759611bff
SHA256

81e6e0360bd044e4a07dd5b384a16851884849a7c08d82d7fd2aae4e60d1ceba
SHA512

48fbdf501a73fc364128701601360eabcc25ef2bc9acedf63e7714c5064b6833f48fb877613b56f9354c778583d063891645a98f167c3b44a60ee3e7f4b96d70
SSDEEP

6144:4/rhmGkIToBF1O9J/pYaDJe/RGC9+CTeY0gXKAGg37:a2IEjI/WiJcvLT0Du

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e467d8b3be671410ea554a41437e1b3c

Files

e467d8b3be671410ea554a41437e1b3c
.exe windows:5 windows x86 arch:x86

90a861ff2fabc1ad7cb0254895f37a5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ValidateRect
GetMenuItemRect
GetAltTabInfoA
GetWindowRgnBox
GetThreadDesktop
RegisterClassA
DefWindowProcW
PostMessageA
DrawMenuBar
SendDlgItemMessageA
EnableWindow
MoveWindow
BeginPaint
LoadIconA
wsprintfW
IsRectEmpty
LoadCursorA
CallWindowProcA
IsCharLowerA
GetClipboardFormatNameA
IsDlgButtonChecked

shell32

SHBrowseForFolderW

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
ReleaseStgMedium
OleInitialize

advapi32

RegDeleteValueW

gdi32

Rectangle
CreatePen
GetCharWidthW

crypt32

CryptHashToBeSigned

comctl32

ord17

netapi32

NetSetPrimaryComputerName

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
Sleep
VirtualAlloc
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
EncodePointer
HeapAlloc
HeapCreate
LCMapStringA
GetCommandLineA
FormatMessageW
GetFileAttributesW
VirtualFree
GetFileType
FindNextFileA
GlobalAlloc
LoadLibraryExA
FileTimeToLocalFileTime
VirtualProtect
GetExitCodeThread
CompareFileTime
VirtualAllocEx
GetDateFormatA
VirtualProtectEx
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90a861ff2fabc1ad7cb0254895f37a5d

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

crypt32

comctl32

netapi32

kernel32

Sections

.text Size: 68KB - Virtual size: 67KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 188KB - Virtual size: 268KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 188KB - Virtual size: 268KB