e2c27a55dcabb44ec1c5b6aa76317acc768bc6e026b0734d7fbe10612337ff53

Sharing

Copy URL Twitter E-mail

General

Target

e2c27a55dcabb44ec1c5b6aa76317acc768bc6e026b0734d7fbe10612337ff53
Size

282KB
MD5

6fe6b910f7a52337c8fe1f214bd55c0f
SHA1

7ae067ef713f43a9dac6b0ef89919e0377f152f6
SHA256

e2c27a55dcabb44ec1c5b6aa76317acc768bc6e026b0734d7fbe10612337ff53
SHA512

9ce5fd4aa683bf4500ccb38f9a44d7a93257b80c1dfd4c186b76d7dcb40523b1db5bdf148d1a341b7c861e0323a3f0aa0f007741023e4316288209ad32183c3c
SSDEEP

3072:vqrf1n0oP/Rlff2uWV1mtmyEMxyvE4OpTnUNAkeUizaqPN4qHSzMCQQ/vmhqfiHk:Crf1n0oX+XmQyEWuE4mUNRtJH/vmUkt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2c27a55dcabb44ec1c5b6aa76317acc768bc6e026b0734d7fbe10612337ff53

Files

e2c27a55dcabb44ec1c5b6aa76317acc768bc6e026b0734d7fbe10612337ff53
.exe windows:5 windows x86 arch:x86

3ad713087e9b543db170b78580d8cd8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCompact
WriteConsoleOutputCharacterW
CreateJobObjectW
CreateHardLinkA
GlobalAlloc
WideCharToMultiByte
LoadLibraryW
GetLocaleInfoW
GetConsoleWindow
HeapCreate
GetFileAttributesW
InterlockedExchange
GetStdHandle
FreeLibraryAndExitThread
GetLastError
GetCurrentDirectoryW
SetComputerNameA
BuildCommDCBW
GetNumaHighestNodeNumber
ResetEvent
GetAtomNameA
UnhandledExceptionFilter
GetFileType
FindFirstVolumeMountPointW
ConvertDefaultLocale
GetModuleFileNameA
VirtualProtect
ScrollConsoleScreenBufferA
FindAtomW
FileTimeToLocalFileTime
HeapReAlloc
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
IsProcessorFeaturePresent
EncodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW

user32

GetMonitorInfoA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.piy
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ad713087e9b543db170b78580d8cd8a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 7KB - Virtual size: 43KB

.tls Size: 2KB - Virtual size: 2KB

.piy Size: 512B - Virtual size: 12B

.rsrc Size: 79KB - Virtual size: 78KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 7KB - Virtual size: 43KB

.tls
Size: 2KB - Virtual size: 2KB

.piy
Size: 512B - Virtual size: 12B

.rsrc
Size: 79KB - Virtual size: 78KB