8e7436e251f8d84c38e0eb7f1c1eb480

Sharing

Copy URL Twitter E-mail

General

Target

8e7436e251f8d84c38e0eb7f1c1eb480
Size

1.8MB
MD5

8e7436e251f8d84c38e0eb7f1c1eb480
SHA1

214bf4f57742dbb595d4f799fed6c47734f22ab9
SHA256

e28f2fb23a9547569e7e34731c574aa8143ccbc0bf5c3314e46c433ee327a2c4
SHA512

ad0cbc02a0444199420e40cb370a2090c517e1598da6fd9cc49883cdf418020f3263165b0c0e65ea34c4922de04581131182607e84c50cb1084082f2bd7f5f5e
SSDEEP

49152:6n9IcUaodnGOmy3R2ddrRs0mtafhj++1jvqcZ:U9ILdnGjgtafhv1jCcZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e7436e251f8d84c38e0eb7f1c1eb480

Files

8e7436e251f8d84c38e0eb7f1c1eb480
.exe windows:4 windows x86 arch:x86

9cb770598d0ee66de1dd02c861bfb6c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZRead
LZOpenFileA
LZClose

kernel32

_lread
_lwrite
CloseHandle
SetFileTime
CreateFileA
GetVersionExA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalGetAtomNameA
SetThreadPriority
GetCurrentThread
GetDiskFreeSpaceA
GetFileAttributesA
FlushFileBuffers
RtlUnwind
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetStdHandle
GetOEMCP
GetACP
CopyFileA
GetStringTypeW
GetStringTypeA
LockResource
GetLocaleInfoA
VirtualQuery
GetSystemInfo
VirtualProtect
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
HeapReAlloc
DeleteFileA
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
GetSystemDirectoryA
_lcreat
FreeResource
_lclose
SystemTimeToFileTime
LocalFileTimeToFileTime
GetModuleFileNameA
FindResourceA
LoadResource
GetWindowsDirectoryA
lstrcatA
WinExec
GetCPInfo
GetLastError
lstrlenA
lstrcpyA
OpenFile
LoadLibraryA
CreateDirectoryA

user32

MessageBeep
IsDlgButtonChecked
CheckRadioButton
GetMessageA
LoadIconA
UnhookWindowsHookEx
DestroyWindow
PeekMessageA
DispatchMessageA
TranslateMessage
LoadBitmapA
GetWindowRect
GetSystemMetrics
SetWindowPos
GetFocus
EnableWindow
SendDlgItemMessageA
SetFocus
CreateDialogParamA
GetDlgItemTextA
PackDDElParam
UnpackDDElParam
FreeDDElParam
GetParent
SetForegroundWindow
CharUpperA
IsWindow
PostMessageA
UpdateWindow
SetTimer
KillTimer
SetDlgItemInt
GetDC
ReleaseDC
SendMessageA
GetWindowLongA
SetWindowLongA
BeginPaint
GetSysColor
EndPaint
GetClientRect
FillRect
LoadStringA
PostQuitMessage
MessageBoxA
GetDlgItem
ShowWindow
SetDlgItemTextA
IsDialogMessageA

gdi32

BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
AddFontResourceA
CreatePen
MoveToEx
LineTo
SelectObject
CreateSolidBrush
DeleteObject
CreateCompatibleDC

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cb770598d0ee66de1dd02c861bfb6c2

Headers

File Characteristics

Imports

lz32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB