1eebea1d327d5b32b210f09d5ff91fb6

Sharing

Copy URL Twitter E-mail

General

Target

1eebea1d327d5b32b210f09d5ff91fb6
Size

281KB
MD5

1eebea1d327d5b32b210f09d5ff91fb6
SHA1

abf9383e5b776a76e0450fe78e4557899bec0fa1
SHA256

39275a713c271b2be1c2d596495a29fa2ec2f9d1159ffe057c2da761c1297a26
SHA512

916334edeea2d30596de0e9a90117170d45b5f5830380a3b11d05cbb82f8abf315a9856ec2fca8c2c344facd575169872c2477232bf2d81577cc6e2277c6a28f
SSDEEP

6144:5+87CQnGPfW94emS8c3xkvAJ01Gzza7aaner+unnA:s8Wg14jS53S801Gz+unnA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1eebea1d327d5b32b210f09d5ff91fb6

Files

1eebea1d327d5b32b210f09d5ff91fb6
.exe windows:4 windows x86 arch:x86

fda72af611398e2be95b3687f99c2bf0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetWindowsDirectoryW
CreateProcessW
SetLastError
GetModuleHandleW
MulDiv
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
CloseHandle
FreeLibrary
LocalFree
GlobalFree
GlobalAlloc
OpenProcess
GetComputerNameW
ExpandEnvironmentStringsA
CreateMutexW
GetProcAddress

user32

InflateRect
DrawStateW
ScreenToClient
IsWindow
GetFocus
LoadCursorW
SetCursor
ReleaseCapture
PtInRect
SetCapture
GetIconInfo
SetRect
RedrawWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
IsRectEmpty
SystemParametersInfoW
GetCursorPos
IntersectRect
InvertRect
PostMessageW
GetCapture
DefWindowProcW
GetClassInfoW
GetKeyState
GetMessagePos
ClipCursor
IsWindowVisible
EnableWindow
DrawIconEx
SetRectEmpty
FillRect
GetWindowRect
GetDC
ReleaseDC
LoadImageW
GetSystemMetrics
ModifyMenuW
GetSystemMenu
SetTimer
KillTimer
SetForegroundWindow
SendMessageW
LoadIconW
InvalidateRect
DestroyIcon
PostQuitMessage
CopyRect
GetParent
SetWindowLongW
CreatePopupMenu
AppendMenuW
ClientToScreen
WindowFromPoint
GetDoubleClickTime
CopyIcon
FrameRect
DrawEdge
DispatchMessageW
TranslateMessage
PeekMessageW
GetSysColor
GetClientRect
UpdateWindow
LoadStringW

gdi32

GetObjectW
GetTextExtentPoint32W
GetCurrentObject
GetTextMetricsW
CreatePatternBrush
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateRectRgn
CreateCompatibleBitmap
CreateHalftonePalette
CreatePalette
GetDIBColorTable
BitBlt
RealizePalette
GetDeviceCaps
SetPixel
GetPixel
RoundRect
CreatePen
StretchBlt
PatBlt
CreateCompatibleDC
SelectObject
CreateSolidBrush
CreateFontIndirectW
DeleteObject
GetStockObject

shell32

ShellExecuteW

advapi32

RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExA
RegQueryValueExA
GetSecurityInfo
GetSecurityDescriptorDacl
GetUserNameW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
CreateProcessAsUserW
GetTokenInformation
LookupAccountSidW
RegCloseKey
OpenProcessToken

comctl32

_TrackMouseEvent

msoert2

PszAllocA

dpnet

DirectPlay8Create
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vD
Size: 512B - Virtual size: 763B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZCOOpe
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HH
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EUOaJT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EfJ
Size: 131KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xVuq
Size: 512B - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eHi
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VoF
Size: 81KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda72af611398e2be95b3687f99c2bf0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

msoert2

dpnet

Sections

.text Size: 26KB - Virtual size: 25KB

.vD Size: 512B - Virtual size: 763B

.rdata Size: 4KB - Virtual size: 3KB

.ZCOOpe Size: 2KB - Virtual size: 1KB

.HH Size: 1KB - Virtual size: 1KB

.EUOaJT Size: 1KB - Virtual size: 1KB

.EfJ Size: 131KB - Virtual size: 203KB

.xVuq Size: 512B - Virtual size: 402B

.eHi Size: 512B - Virtual size: 474B

.data Size: 7KB - Virtual size: 42KB

.VoF Size: 81KB - Virtual size: 172KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 26KB - Virtual size: 25KB

.vD
Size: 512B - Virtual size: 763B

.rdata
Size: 4KB - Virtual size: 3KB

.ZCOOpe
Size: 2KB - Virtual size: 1KB

.HH
Size: 1KB - Virtual size: 1KB

.EUOaJT
Size: 1KB - Virtual size: 1KB

.EfJ
Size: 131KB - Virtual size: 203KB

.xVuq
Size: 512B - Virtual size: 402B

.eHi
Size: 512B - Virtual size: 474B

.data
Size: 7KB - Virtual size: 42KB

.VoF
Size: 81KB - Virtual size: 172KB

.rsrc
Size: 24KB - Virtual size: 23KB