8e9c7582081fb4829daac6bf0753655a

Sharing

Copy URL Twitter E-mail

General

Target

8e9c7582081fb4829daac6bf0753655a
Size

485KB
MD5

8e9c7582081fb4829daac6bf0753655a
SHA1

7a5bd2b6e48eae3757451cfbc1fc817ecc898c67
SHA256

af64ebab36d2a158a74386a2314526b9603fbd796c680a4c8013399e1ac38d91
SHA512

2213cebafa9036c9f891adfb0039a49d485514ad403aa2a0c077082daa643f2d718f9efc16f23a48fa0b1edeb45c1a321993e3c1c2b61d37b5bdfa4c25bbb3a7
SSDEEP

12288:AYCTML+ljbkUcNIxtLU+IfI+vtoQ1KZG:AYCTMLQjnzDLUHI+9KZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e9c7582081fb4829daac6bf0753655a

Files

8e9c7582081fb4829daac6bf0753655a
.exe windows:4 windows x86 arch:x86

49bb74b29b77036e0f2ea37b8ab52cc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconA
SHBrowseForFolderW

kernel32

GetCurrentThread
DeleteCriticalSection
CompareStringA
RtlUnwind
LCMapStringA
lstrlen
MoveFileExW
WideCharToMultiByte
ReadFile
GetCPInfo
GetStringTypeW
CompareStringW
GetProcAddress
TlsAlloc
VirtualFree
GetPrivateProfileSectionA
InterlockedExchangeAdd
SetFilePointer
InterlockedIncrement
GetTickCount
GetFileType
GetTimeZoneInformation
TlsFree
FlushFileBuffers
GetStdHandle
GetCurrentProcessId
HeapFree
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetVersion
GetCurrentProcess
LoadLibraryA
HeapAlloc
SetLastError
ConnectNamedPipe
InterlockedExchange
HeapReAlloc
VirtualAlloc
OpenMutexA
GetCommandLineA
UnhandledExceptionFilter
GetEnvironmentStrings
GetStartupInfoA
GetLastError
EnterCriticalSection
MultiByteToWideChar
lstrcatA
GetEnvironmentStringsW
VirtualQuery
InitializeCriticalSection
GetProcessHeaps
LCMapStringW
QueryPerformanceCounter
GetSystemTime
FreeEnvironmentStringsW
IsBadWritePtr
WriteFile
CreateMutexA
GetOEMCP
SetHandleCount
InterlockedDecrement
GetModuleFileNameA
HeapDestroy
GetStringTypeA
TlsSetValue
SetEnvironmentVariableA
CloseHandle
TlsGetValue
FreeEnvironmentStringsA
LeaveCriticalSection
GetACP
ExitProcess
GetModuleHandleA
SetUnhandledExceptionFilter
ReadConsoleInputW
SetStdHandle
GetLocalTime
HeapCreate

gdi32

GdiPlayScript
Ellipse
GetEnhMetaFileW
SetWinMetaFileBits
CreateRectRgn
GdiSetBatchLimit
GetPolyFillMode
PlayMetaFileRecord
CreateMetaFileA
GetTextColor
PathToRegion
ExtTextOutW
GetMetaFileW
GetMetaFileA
EqualRgn
SetTextColor
ArcTo

comctl32

InitCommonControlsEx

user32

LoadKeyboardLayoutA
WindowFromPoint
GetMenuItemID
GetClassNameW
RegisterClassA
ChangeClipboardChain
GetKeyboardLayoutList
MessageBeep
UnregisterHotKey
RegisterClassExA

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49bb74b29b77036e0f2ea37b8ab52cc8

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

comctl32

user32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 4KB - Virtual size: 28KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 4KB - Virtual size: 28KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 3KB - Virtual size: 3KB