15de8e7ee6ac73a70d62be16d256817c

Sharing

Copy URL Twitter E-mail

General

Target

15de8e7ee6ac73a70d62be16d256817c
Size

1.1MB
MD5

15de8e7ee6ac73a70d62be16d256817c
SHA1

9b30f949533da651f42b08f6eb787aa5b06fc6bf
SHA256

778dd2d54d394b1ac9e11c3fbfab3fe8094bb400fa3b5730e98a1cedfdc11079
SHA512

359e01f5cea0fea1b88c2d89a62c343f791d3786e222dd7f2696c08ab8f23a79487ecf454ddc4ef358bcb6bb139309d878edb34e2aef13b5cdf34b0d31dc9bd9
SSDEEP

6144:3K6cyPiWCgknQ/HuyIzuTVzsMM56519p+6yTOK1hXzYmYCrQx65fc:3M+ZdkmHubeaCo66JJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15de8e7ee6ac73a70d62be16d256817c

Files

15de8e7ee6ac73a70d62be16d256817c
.exe windows:4 windows x86 arch:x86

190c23d52f3d8e4f3b5b684edfff6cff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
WritePrivateProfileStringW
WaitForMultipleObjects
TerminateProcess
Sleep
ReadProcessMemory
OpenProcess
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryW
GetVersionExW
GetTempPathW
WriteProcessMemory
VirtualProtect
OutputDebugStringW
OpenMutexW
MulDiv
IsBadReadPtr
HeapDestroy
HeapCreate
GlobalUnlock
GlobalSize
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetTickCount
GetSystemInfo
GetProcAddress
GetPrivateProfileStringW
GetLastError
GetCurrentThreadId
GetCurrentProcess
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushInstructionCache
EnterCriticalSection
DeleteCriticalSection
CreateMutexW
CloseHandle
VirtualAlloc

user32

DialogBoxParamW
GetDesktopWindow
IsDlgButtonChecked
GetDlgItem
EnableWindow
EndDialog
SetFocus
MessageBoxW
LoadStringW
LoadIconA

gdi32

TextOutA
StartPage
StartDocA
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
MoveToEx
LineTo
GetTextMetricsW
GetTextFaceA
GetTextExtentPoint32A
GetStockObject
GetRgnBox
GetObjectW
GetDeviceCaps
GdiFlush
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePen
CreateFontA
CreateFontW
CreateDIBSection
CreateDCW
CreateCompatibleDC
CombineRgn
BitBlt
GetEnhMetaFileA
GetEnhMetaFileW

advapi32

RegOpenKeyW

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t1tta24
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta23
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta22
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta21
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta20
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta19
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta9
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta8
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta7
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta6
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta5
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta4
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta3
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta2
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tta
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190c23d52f3d8e4f3b5b684edfff6cff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 366KB - Virtual size: 365KB

.rdata Size: 607KB - Virtual size: 607KB

t1tta24 Size: 512B - Virtual size: 501B

t1tta23 Size: 512B - Virtual size: 501B

t1tta22 Size: 512B - Virtual size: 501B

t1tta21 Size: 512B - Virtual size: 501B

t1tta20 Size: 512B - Virtual size: 501B

t1tta19 Size: 512B - Virtual size: 501B

t1tta9 Size: 512B - Virtual size: 501B

t1tta8 Size: 512B - Virtual size: 501B

t1tta7 Size: 512B - Virtual size: 501B

t1tta6 Size: 512B - Virtual size: 501B

t1tta5 Size: 512B - Virtual size: 501B

t1tta4 Size: 512B - Virtual size: 501B

t1tta3 Size: 512B - Virtual size: 501B

t1tta2 Size: 512B - Virtual size: 501B

t1tta Size: 99KB - Virtual size: 98KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 607KB - Virtual size: 607KB

t1tta24
Size: 512B - Virtual size: 501B

t1tta23
Size: 512B - Virtual size: 501B

t1tta22
Size: 512B - Virtual size: 501B

t1tta21
Size: 512B - Virtual size: 501B

t1tta20
Size: 512B - Virtual size: 501B

t1tta19
Size: 512B - Virtual size: 501B

t1tta9
Size: 512B - Virtual size: 501B

t1tta8
Size: 512B - Virtual size: 501B

t1tta7
Size: 512B - Virtual size: 501B

t1tta6
Size: 512B - Virtual size: 501B

t1tta5
Size: 512B - Virtual size: 501B

t1tta4
Size: 512B - Virtual size: 501B

t1tta3
Size: 512B - Virtual size: 501B

t1tta2
Size: 512B - Virtual size: 501B

t1tta
Size: 99KB - Virtual size: 98KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 26KB - Virtual size: 26KB