13eff4efdc3f0dfce6ab0f9c347eeae2

Sharing

Copy URL

Twitter E-mail

General

Target

13eff4efdc3f0dfce6ab0f9c347eeae2
Size

102KB
MD5

13eff4efdc3f0dfce6ab0f9c347eeae2
SHA1

17cf998df3694956e89842515803f67f47727cdd
SHA256

16e1099765cca0ab555266dd095f200612217bd86db044d0c8a229a8c1f3d610
SHA512

c639513633ae45458b5dd1c1e3bbd7d2f7afbf23b18f59a83ff58028ebd2fc00afd1fc00a48d909b35ecf331102cf86a683c06321b65ec91306934c6cc8d263e
SSDEEP

1536:oEBFayceEurTR5O3tIAGk59vis1GbwUcstuWdQkPw:oEBYetXR03tIAv5fgwUxlQ+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13eff4efdc3f0dfce6ab0f9c347eeae2

Files

13eff4efdc3f0dfce6ab0f9c347eeae2
.exe windows:4 windows x86 arch:x86

28e05b5bc595f5f5fda1319a2fbc7445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ord704
ord411
ord247
ord613
ord578
ord395
ord254
ord351
ord431
ord784
ord336
ord334
ord895
ord240
ord239
ord856
ord316
ord839
ord408
ord875
ord878
ord517
ord930
ord928
ord501
ord498
ord509
ord565
ord564
ord435
ord432
ord76
ord398
ord337
ord372
ord183
ord109
ord374
ord709
ord429
ord457
ord266
ord50
ord948
ord80
ord475
ord942
ord525
ord519
ord881
ord476
ord913
ord404
ord588
ord939
ord908
ord584
ord831
ord515
ord521

user32

ord57
ord599
ord572
ord555
ord490
ord14
ord444
ord201
ord350
ord269
ord477
ord710
ord567
ord275
ord60
ord197
ord274
ord199
ord420
ord227
ord256
ord595
ord729
ord446
ord659
ord596
ord159
ord635
ord404
ord435
ord373
ord457
ord253
ord363
ord641
ord326
ord97
ord83
ord86
ord156
ord347
ord367
ord28
ord179

gdi32

ord406
ord535
ord222
ord466
ord462
ord72
ord81
ord144
ord45
ord64
ord422
ord411
ord51
ord46
ord527
ord543
ord569
ord586
ord19
ord141
ord284

comdlg32

ord110

winmm

ord201
ord207
ord206
ord186

comctl32

ord5
ord17
ord16

gifencode

ord1
ord4
ord5
ord3
ord2

svdvideo

ord83
ord100
ord82
ord87
ord84
ord75

mpegsys

ord46

mmxaudio

ord79
ord82

facehelp

ord33
ord37
ord22
ord21
ord20
ord15
ord17
ord35
ord34
ord6
ord9
ord8
ord7
ord29
ord32
ord11
ord13
ord12
ord30
ord25
ord1

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28e05b5bc595f5f5fda1319a2fbc7445

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winmm

comctl32

gifencode

svdvideo

mpegsys

mmxaudio

facehelp

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 32KB - Virtual size: 29KB

XOR Size: 2KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 32KB - Virtual size: 29KB

XOR
Size: 2KB - Virtual size: 2KB