8e6074f3a02b68f0d2e5de81f8b47912

Sharing

Copy URL Twitter E-mail

General

Target

8e6074f3a02b68f0d2e5de81f8b47912
Size

540KB
MD5

8e6074f3a02b68f0d2e5de81f8b47912
SHA1

dbc0cca7ca1f10fb308b5d8cb726d9562d006633
SHA256

bbb622cef48461cfe4c5c47161c3eefaf4f72863a29120195ae6ba27368b0814
SHA512

983e1c0638fb485119fd43af5372a22bfc1f5231b441a8797f76f99299d5a3b880ddd681a3ecb37f5a55f1dc7eb0860903829e04c776ad0f9e8df1cb79aa7279
SSDEEP

12288:GoBM2mb1jSmQFmvyS6+Of1zFWkOMMS7UjQZT:S2mb1Gmgh8kOMv7gQZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e6074f3a02b68f0d2e5de81f8b47912

Files

8e6074f3a02b68f0d2e5de81f8b47912
.exe windows:4 windows x86 arch:x86

ea8fb90560c820c296681bdc483b62d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandA
InternalExtractIconListA
ExtractIconExA

kernel32

CreateMutexA
InterlockedExchangeAdd
EnumSystemLocalesA
GetStdHandle
CreateEventW
RtlFillMemory
ExitProcess
GetSystemDefaultLCID
GetDiskFreeSpaceExW
LCMapStringA
TlsGetValue
DeleteCriticalSection
GetStringTypeExA
PulseEvent
TlsAlloc
InitializeCriticalSection
WriteFile
HeapDestroy
GetOEMCP
GlobalCompact
ReadFile
FindAtomW
SystemTimeToFileTime
GetVolumeInformationW
GetTickCount
DeleteFiber
GetDriveTypeW
CommConfigDialogA
TerminateProcess
VirtualProtect
SetThreadContext
IsValidCodePage
VirtualProtectEx
GetSystemTimeAdjustment
IsValidLocale
GetLastError
DebugActiveProcess
HeapCreate
VirtualQuery
GetVersionExA
LocalLock
WideCharToMultiByte
CompareStringA
LoadLibraryA
QueryPerformanceCounter
GetACP
TlsSetValue
SetEnvironmentVariableA
CommConfigDialogW
GetCurrentThread
GetFileType
SetTimeZoneInformation
GetDateFormatA
IsBadWritePtr
lstrcpynW
AddAtomW
HeapSize
MultiByteToWideChar
Sleep
LocalUnlock
LeaveCriticalSection
DosDateTimeToFileTime
HeapAlloc
GetTimeZoneInformation
GetTempFileNameA
GlobalFindAtomW
GetProcAddress
GetFullPathNameW
ExpandEnvironmentStringsW
GetConsoleScreenBufferInfo
GlobalFree
CompareStringW
WriteConsoleA
GetStringTypeA
GetEnvironmentStringsW
VirtualAlloc
GetModuleHandleA
lstrcmpW
SetHandleCount
WriteConsoleOutputW
SetConsoleCtrlHandler
FoldStringA
TlsFree
GetLocaleInfoA
SetStdHandle
EnterCriticalSection
LocalSize
GetCPInfo
MoveFileW
GetLocaleInfoW
VirtualFree
GetUserDefaultLCID
GetWindowsDirectoryW
InterlockedIncrement
FreeEnvironmentStringsW
IsBadReadPtr
GetStringTypeW
GetEnvironmentStrings
HeapReAlloc
UnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
SetFilePointer
GetModuleFileNameA
GetPrivateProfileIntW
LCMapStringW
InterlockedExchange
FillConsoleOutputAttribute
GlobalAddAtomA
HeapFree
FreeEnvironmentStringsA
GetSystemInfo
GetCurrentProcess
OpenMutexA
GetCurrentThreadId
WriteProfileSectionW
GetSystemTimeAsFileTime
SetConsoleOutputCP
SetLastError
CloseHandle
FlushFileBuffers
SetConsoleTitleW
VirtualAllocEx
GetCurrentProcessId
GetCommandLineA
GetTimeFormatA
SetComputerNameW
SetLocaleInfoW

comctl32

ImageList_AddIcon
ImageList_GetIconSize
InitCommonControlsEx
ImageList_Create
ImageList_LoadImageW
ImageList_Destroy
GetEffectiveClientRect
ImageList_Remove
ImageList_Draw
ImageList_Replace
ImageList_DragShowNolock
ImageList_Duplicate
ImageList_SetFilter
ImageList_DrawEx
CreateStatusWindow
ImageList_GetFlags
MakeDragList
CreateUpDownControl
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_GetIcon
_TrackMouseEvent
DrawStatusTextA
ImageList_LoadImageA

user32

MoveWindow
DestroyWindow
SendNotifyMessageA
MsgWaitForMultipleObjects
InflateRect
ShowWindow
GrayStringA
LoadCursorA
RegisterClassA
CharToOemW
CreateIcon
SetUserObjectInformationA
GetSubMenu
GetCapture
GetClipCursor
FindWindowExW
SetUserObjectInformationW
DefWindowProcA
wvsprintfA
ScrollWindow
CallMsgFilter
SetWindowsHookA
MessageBoxExW
GetProcessDefaultLayout
GetClassNameA
DdeAccessData
DdeImpersonateClient
GetDlgCtrlID
RedrawWindow
AnimateWindow
SetMenuItemBitmaps
SendMessageW
IsWindowUnicode
SendMessageA
SetPropA
SetClipboardViewer
CreateAcceleratorTableA
DdeSetQualityOfService
PeekMessageW
CreateWindowExW
DdeAddData
RegisterClassExA
GetUpdateRgn
DdeFreeStringHandle
DdeReconnect
MapVirtualKeyW
GetMenuStringA
UnhookWindowsHook
GetMenuState
EnumPropsW
MessageBoxA
WINNLSEnableIME
GetKBCodePage
MonitorFromPoint
CallMsgFilterW
SetWindowTextW
ChildWindowFromPointEx
ScreenToClient
SetShellWindow
EnumPropsA

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea8fb90560c820c296681bdc483b62d7

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

user32

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 116KB - Virtual size: 138KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 116KB - Virtual size: 138KB

.rsrc
Size: 16KB - Virtual size: 14KB