e6fe558f6c026493bff28c7451069715[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

e6fe558f6c026493bff28c7451069715.exe
Size

307KB
MD5

e6fe558f6c026493bff28c7451069715
SHA1

edfa573934a1b0505727e0d4b1b0544f11523e7e
SHA256

75e985ad843283de707a360843a5ac65e0800b8dde13004c9eec247bc4ee4437
SHA512

ff896b158a5f9b81ef945667774e4d0ab48940ac5848a8c7fe8fd151773c3acb60d9673cd155317a90d3658ea5997158fd60b1b6dd3161927a3d3c86cfd61dbd
SSDEEP

3072:RlJLNbCckq+PcKNEXZDr6EQb4rhLxZ60uDO/6sBh7aFTvCoVoJ7rMRk2JYn3:RsqXZq5b4rXZJu6/jn7aFTe7ARW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e6fe558f6c026493bff28c7451069715.exe

Files

e6fe558f6c026493bff28c7451069715.exe
.exe windows:5 windows x86 arch:x86

778ccad6990ff49005ab127aaa21897f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
QueryDosDeviceA
CreateDirectoryW
GetFileAttributesExA
GetTickCount
FindNextVolumeMountPointA
ReadConsoleW
GetWindowsDirectoryA
EnumTimeFormatsA
GlobalAlloc
WideCharToMultiByte
GetVolumeInformationA
GlobalFindAtomA
TerminateThread
GetLocaleInfoW
GetSystemPowerStatus
GetConsoleAliasExesLengthW
GetVersionExW
GetConsoleAliasW
WriteConsoleW
GetLocaleInfoA
GetLastError
GetCurrentDirectoryW
GetProcAddress
LoadLibraryA
SetConsoleCtrlHandler
GetNumberFormatW
RemoveDirectoryW
GetModuleHandleA
VirtualProtect
PeekConsoleInputA
GetCurrentProcessId
ReadConsoleOutputCharacterW
CloseHandle
CreateFileW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
CreateFileA
FindResourceA
GetModuleFileNameW
GetEnvironmentVariableW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
HeapFree
HeapAlloc
IsProcessorFeaturePresent
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
IsDebuggerPresent
GetCurrentThreadId
GetFileType
ReadFile
SetFilePointerEx
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
IsValidCodePage
GetOEMCP
HeapReAlloc

user32

GetClassInfoW
CharLowerA
GetAltTabInfoA
SetUserObjectSecurity
DrawFrameControl
CharUpperBuffW

gdi32

CreateDCA

advapi32

ReadEventLogA

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 41.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

778ccad6990ff49005ab127aaa21897f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 148KB - Virtual size: 41.1MB

.rsrc Size: 61KB - Virtual size: 61KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 148KB - Virtual size: 41.1MB

.rsrc
Size: 61KB - Virtual size: 61KB