6e1b97d01d6a6da04d68e7b1766b9fc3

Sharing

Copy URL Twitter E-mail

General

Target

6e1b97d01d6a6da04d68e7b1766b9fc3
Size

94KB
MD5

6e1b97d01d6a6da04d68e7b1766b9fc3
SHA1

d966a423c4038e08ce37830f177f7fea72aa37bf
SHA256

50fe2f8d233e561a0f0c869dbd312ac56a5a8c88edbc24179f67008123bfeaca
SHA512

8c29c1dda666703826bbd4735aaa32c8e33cb066473426440e004b64feafd66d015bb806a844e352e2db4139afb2c09b788428cf9c756ef6c1baa6c71123eb67
SSDEEP

1536:gg57/LTTY55PDL/7TVNwSVuYnV68lfodiSsHSdCM0ssRy/2EMbUiKykhZ8t5XFEN:d4DT/ViStnV73EsRy/2pjkhqt5XFEunW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ljepa/karla.exe

Files

6e1b97d01d6a6da04d68e7b1766b9fc3
.rar
ljepa/Desktop.ini
ljepa/karla.exe
.exe windows:4 windows x86 arch:x86

87d6c9117fed6e89f3b733ac00ac6083

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringW
CopyFileA
CreateEventA
CreateFileA
CreateProcessA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeResource
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetDriveTypeA
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetModuleFileNameW
GetProcessHeap
GetStringTypeA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetThreadLocale
GetWindowsDirectoryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalUnlock
HeapCreate
HeapDestroy
HeapFree
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
OpenProcess
RaiseException
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEvent
SetStdHandle
SetThreadLocale
SizeofResource
TerminateThread
TlsAlloc
TlsFree
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualQuery
WaitForMultipleObjects
WideCharToMultiByte
lstrcatA
lstrcmpiA

user32

AdjustWindowRectEx
BeginPaint
CharNextA
ClientToScreen
CloseClipboard
CreateMenu
CreateWindowExA
DeleteMenu
DestroyIcon
DialogBoxParamA
DrawEdge
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndPaint
EqualRect
FillRect
GetActiveWindow
GetClassInfoA
GetClassNameA
GetDC
GetForegroundWindow
GetKeyState
GetKeyboardType
GetMenuItemCount
GetMenuItemID
GetMenuStringA
GetMessagePos
GetScrollInfo
GetScrollPos
GetScrollRange
GetSysColorBrush
GetSystemMenu
GetTopWindow
GetWindow
GetWindowPlacement
IsIconic
IsWindow
IsWindowEnabled
LoadIconA
MapWindowPoints
OemToCharA
OffsetRect
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClipboardFormatA
ReleaseCapture
RemoveMenu
SetClassLongA
SetClipboardData
SetFocus
SetScrollPos
SetScrollRange
SetTimer
SetWindowPlacement
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowWindow
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
wsprintfA

gdi32

AddFontResourceA
BitBlt
CreateDIBPatternBrushPt
CreateDIBitmap
CreateEllipticRgn
CreateEnhMetaFileA
CreateFontA
CreateFontIndirectA
CreateHatchBrush
CreateICA
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DeleteEnhMetaFile
Ellipse
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtFloodFill
ExtTextOutW
FillPath
FrameRgn
GdiFlush
GetBkMode
GetBrushOrgEx
GetClipBox
GetClipRgn
GetDIBits
GetEnhMetaFileBits
GetMetaFileBitsEx
GetROP2
GetTextColor
GetTextExtentExPointW
GetTextExtentPointW
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetViewportOrgEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
MoveToEx
PlayEnhMetaFile
PolyBezierTo
PolyDraw
Polyline
RectVisible
RestoreDC
SelectClipRgn
SelectPalette
SetAbortProc
SetBkMode
SetColorAdjustment
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetMapperFlags
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetStretchBltMode
SetTextCharacterExtra
StretchBlt
StretchDIBits

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87d6c9117fed6e89f3b733ac00ac6083

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 22KB - Virtual size: 24KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 22KB - Virtual size: 24KB