e8f04889adb7c5fb8dc22ed1a2592ff0292a42d13435b258ae95749dc7e11bbb

Sharing

Copy URL Twitter E-mail

General

Target

e8f04889adb7c5fb8dc22ed1a2592ff0292a42d13435b258ae95749dc7e11bbb
Size

96KB
MD5

911aa3fd3c629b40b7e8b7050ae9041d
SHA1

95e734bc11619dbe57c317304d37f91e9da3ef34
SHA256

e8f04889adb7c5fb8dc22ed1a2592ff0292a42d13435b258ae95749dc7e11bbb
SHA512

d4de2f2f51f54a34fff59175807d13ab8e39c5468cf9787a716cb575424ddf0b47716e6739a0372944eda0d7454534a8fa159ebf9f86e6190079a63a812e3f7d
SSDEEP

3072:K2sbdwf2q+1gx8Y8eftQbpkQ3avm/PxIf5Z:K9NqcwQbpkQ38mRC3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f04889adb7c5fb8dc22ed1a2592ff0292a42d13435b258ae95749dc7e11bbb

Files

e8f04889adb7c5fb8dc22ed1a2592ff0292a42d13435b258ae95749dc7e11bbb
.dll windows:4 windows x86 arch:x86

eeeed78bfe70268307271b151d937122

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
GetACP
GetCommandLineA
GetLastError
GetLocalTime
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
HeapAlloc
InterlockedIncrement
RtlUnwind
SetCurrentDirectoryA
SetErrorMode
SetLastError
VirtualFree
WritePrivateProfileSectionA
lstrcmpiA
lstrcpyA

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
LookupPrivilegeValueA

ole32

CoUninitialize
CoInitialize
OleFlushClipboard
CoGetClassObject
CoCreateInstance
CLSIDFromProgID
StgCreateDocfileOnILockBytes
RevokeDragDrop
OleUninitialize
OleSetClipboard
OleLockRunning
OleInitialize
CreateOleAdviseHolder
GetRunningObjectTable
DoDragDrop

user32

SetMenuInfo
SetCursor
MessageBoxA
GetCursor
EnableWindow
DrawCaption
DispatchMessageA
DialogBoxParamA
CreateMDIWindowA
CreateIconFromResourceEx
CreateDesktopA
CreateCursor
CharUpperA
ChangeMenuA
DrawTextA

shell32

SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA
SHBindToParent

shlwapi

PathCanonicalizeA
PathCompactPathExA
PathFileExistsA
StrStrIA
PathMatchSpecA
PathIsRootA
PathIsDirectoryA
PathFindExtensionA
PathAppendA

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetCompositionStringW

msvcrt

vsprintf
__set_app_type
_errno
fflush
getenv
malloc
memcpy
memmove
memset
rand
realloc
sprintf
sscanf
strcmp
strlen
__dllonexit

oleaut32

SysAllocStringLen
SysStringLen
VariantChangeTypeEx
VariantClear
LoadTypeLib

Exports

Exports

Bnst
Cg
Ddjkit
Hfwyal
Ifybouuq
Iirfjx
Jv
Kttsogp
Ml
Odkjtxf
Sqz
Tiuvguvgc
Wrlsba
Zfx

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeeed78bfe70268307271b151d937122

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

shell32

shlwapi

imm32

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 24KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 30KB - Virtual size: 32KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 24KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 30KB - Virtual size: 32KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB