8e34473c35b834a20f148e997c9d2aa8

Sharing

Copy URL

Twitter E-mail

General

Target

8e34473c35b834a20f148e997c9d2aa8
Size

420KB
MD5

8e34473c35b834a20f148e997c9d2aa8
SHA1

d27c261687b98741d2cd7869b2a544324f83bd68
SHA256

224e5fbfaa2f215519dc7ccb40141970ab781518dd72f7fac3f06dfc8d19d600
SHA512

d47b2ee2da69ff5e2880a4fba05c9730e449a018d50c2ae64a8f8afb47439cad4c4b3a080bd8eae6f36ccc5f6744a07c6390db692354faa0b330ee017b66eb50
SSDEEP

12288:PSsdUFScJneRmrrkIWK6eyVUCw3AyUcwPLkb:PPdaJeRMrGK6eAURDILq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e34473c35b834a20f148e997c9d2aa8

Files

8e34473c35b834a20f148e997c9d2aa8
.exe windows:4 windows x86 arch:x86

5c670a7ce4f44771feaeb979fc877885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\EWFEE

Imports

comctl32

InitCommonControlsEx
ImageList_LoadImageA
ImageList_Merge
ImageList_AddMasked
ImageList_DragEnter

user32

VkKeyScanExW
SwapMouseButton
GetWindowWord
TrackPopupMenuEx
GetDC
SetWindowPlacement
CloseDesktop
ToUnicode
SetProcessWindowStation
TranslateAccelerator
RegisterWindowMessageA
GetAncestor
DdeAbandonTransaction
RegisterClassA
DlgDirListW
LoadMenuIndirectW
SetCursor
DragObject
DestroyAcceleratorTable
SetClassLongA
IsCharLowerW
AdjustWindowRectEx
SendIMEMessageExA
DdeConnectList
DdeQueryConvInfo
GetClassNameA
MapVirtualKeyExW
LoadMenuIndirectA
SetWindowRgn
GetMenuDefaultItem
GetDlgCtrlID
FillRect
GetClipboardFormatNameW
GetUserObjectSecurity
LoadKeyboardLayoutA
ChangeMenuW
EnumDisplayDevicesW
GetDialogBaseUnits
GetSystemMenu
CreateWindowExA
SetLastErrorEx
DdeImpersonateClient
GetWindowInfo
IsCharAlphaNumericA
DdeFreeDataHandle
GetClassWord
FindWindowExA
TrackPopupMenu
GetWindowLongA
UnionRect
MapVirtualKeyW
InSendMessageEx
LoadCursorW
CreateDialogIndirectParamA
LoadImageW
EnumDesktopsW
MonitorFromWindow
GetClassInfoExA
SetWindowsHookW
GetScrollPos
ModifyMenuW
RegisterClassExA
EnumDisplayMonitors
DrawTextA
SetCursorPos
InvalidateRgn
GetListBoxInfo
GetMenuCheckMarkDimensions
CreateIconFromResource
DrawIcon
LockWindowUpdate
CheckMenuItem
UnregisterDeviceNotification
DrawFocusRect
ReleaseCapture
CheckRadioButton
SetClassWord
IntersectRect
SetMenuItemInfoA
SetWindowTextW
CreateCursor
LoadCursorFromFileA
GetDlgItem
CharToOemA
ChildWindowFromPoint
IsChild
SendNotifyMessageW
CharToOemW
IsCharUpperA
GetMenuItemInfoA
SetThreadDesktop
EnumPropsExW
MapDialogRect
SendMessageW
GetNextDlgTabItem
GetWindowDC
UnregisterClassA

kernel32

GetStringTypeA
WaitForMultipleObjects
TlsAlloc
GetDiskFreeSpaceA
DeleteCriticalSection
GetVolumeInformationW
GetModuleHandleW
LocalHandle
GetStdHandle
TerminateThread
WriteFile
GetWindowsDirectoryA
GetProcAddress
VirtualAlloc
CompareStringA
TerminateProcess
HeapFree
GetACP
LoadModule
SetHandleCount
WideCharToMultiByte
CreateEventW
GetTimeFormatA
GlobalSize
CreateFileA
FindResourceExA
RtlFillMemory
OpenMutexA
SetFilePointer
TlsSetValue
SetCurrentDirectoryA
HeapAlloc
CompareStringW
WriteConsoleOutputW
CloseHandle
MultiByteToWideChar
EnumTimeFormatsW
HeapDestroy
FlushFileBuffers
FindFirstFileA
GetStartupInfoA
SetCurrentDirectoryW
WriteConsoleW
GlobalFindAtomW
LCMapStringA
SetConsoleCtrlHandler
CreateMutexA
EnumSystemLocalesA
SetLastError
GetTickCount
GetCurrentProcessId
RtlUnwind
GetProcessHeap
LCMapStringW
EnumResourceNamesA
GetFileType
OutputDebugStringW
LocalSize
SetThreadLocale
IsDebuggerPresent
InterlockedDecrement
GetEnvironmentStrings
WriteConsoleOutputA
GetVersionExA
IsValidCodePage
UnlockFileEx
GetNumberFormatA
GetModuleHandleA
CreateRemoteThread
GetConsoleMode
DeleteFileW
GetDriveTypeA
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedExchange
GetUserDefaultLCID
TlsFree
GetCommandLineA
LeaveCriticalSection
UnlockFile
QueryPerformanceCounter
GetLocaleInfoA
FileTimeToSystemTime
HeapReAlloc
SetUnhandledExceptionFilter
GetCurrentThread
GetEnvironmentStringsW
LoadLibraryA
SetStdHandle
GetVersion
UnhandledExceptionFilter
GetStringTypeW
GetEnvironmentStringsA
ReadConsoleW
InitializeCriticalSection
WaitNamedPipeW
CreateSemaphoreA
SetEnvironmentVariableA
ExitProcess
GetModuleFileNameA
FindNextFileA
CreateMailslotW
CreateFileMappingA
FreeEnvironmentStringsW
GetDateFormatA
GetConsoleCP
EnumDateFormatsExW
RemoveDirectoryW
VirtualQuery
FindResourceW
FreeLibrary
Sleep
GetLastError
GetCPInfo
SetComputerNameA
lstrcmpi
GetCurrentProcess
GetFileAttributesExW
ExpandEnvironmentStringsW
GetLocaleInfoW
HeapSize
GetCurrentThreadId
EnterCriticalSection
FreeEnvironmentStringsA
GetOEMCP
GetSystemTimeAdjustment
lstrcat
WriteConsoleA
IsValidLocale
GetThreadSelectorEntry
ReadFile
GetConsoleOutputCP
OpenMutexW
VirtualProtectEx
FindNextFileW
TlsGetValue
GetTimeZoneInformation
VirtualFree
HeapCreate

comdlg32

PrintDlgA
GetSaveFileNameA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c670a7ce4f44771feaeb979fc877885

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

comdlg32

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 135KB - Virtual size: 134KB

.data Size: 102KB - Virtual size: 116KB

.rsrc Size: 37KB - Virtual size: 37KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 135KB - Virtual size: 134KB

.data
Size: 102KB - Virtual size: 116KB

.rsrc
Size: 37KB - Virtual size: 37KB