e02d659742bb402cbee381b8ec2e72f9

Sharing

Copy URL Twitter E-mail

General

Target

e02d659742bb402cbee381b8ec2e72f9
Size

101KB
MD5

e02d659742bb402cbee381b8ec2e72f9
SHA1

0d93f1386b122cde382a4bfabda727290ef811d0
SHA256

4a149edea0b958479c0df875899c687c2dff68b47e1bb986a8b1fdca327f74c9
SHA512

0ebb6fbb8636d610aee47147df5083c578dec9e0fd69a8b67076828636734c4688955ee5866ff25bec3635bfda3343070c16142a0402927d7c8f7818f13eb6c8
SSDEEP

3072:Z7J19cQv6iCgbPxbCJ9gdiSDADeak7dJHB/AS:Z1vCkPxbISsQLH5AS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e02d659742bb402cbee381b8ec2e72f9

Files

e02d659742bb402cbee381b8ec2e72f9
.exe windows:4 windows x86 arch:x86

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
ReadFile
lstrcpynA
CloseHandle
SetFilePointer
GetModuleHandleA
LocalHandle
GlobalAlloc
SetStdHandle
LoadLibraryA
GetLastError
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetStringTypeA
GetStringTypeW
lstrcatA
HeapFree
GetProcAddress
lstrlenA
LocalFree
LocalAlloc
lstrcpyA
VirtualAlloc
FlushFileBuffers
HeapAlloc
GlobalFree
GlobalLock
lstrcmpiA
GlobalUnlock

user32

RegisterClassA
DispatchMessageA
TranslateMessage
LoadAcceleratorsA
TranslateAcceleratorA
GetMessageA
ShowWindow
CreateWindowExA
GetSystemMetrics
LoadStringA
EnableWindow
GetSysColor
GetMenu
EnableMenuItem
MessageBeep
GetDlgItemTextA
SendDlgItemMessageA
EndDialog
PostQuitMessage
GetDC
SetWindowLongA
SendMessageA
ReleaseDC
PostMessageA
SetFocus
DefWindowProcA
DialogBoxParamA
BeginPaint
GetClientRect
FillRect
EndPaint
LoadIconA
LoadCursorA
MessageBoxA

gdi32

CreatePen
GetStockObject
GetTextMetricsA
TextOutA
SetBkMode
DeleteObject
SetTextColor
LineTo
MoveToEx
SelectObject

winspool.drv

EnumPrintersA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40a9f86e436c59b14f44997ba64607e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

version

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1024B - Virtual size: 951B

.data Size: 12KB - Virtual size: 647KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 43KB - Virtual size: 43KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1024B - Virtual size: 951B

.data
Size: 12KB - Virtual size: 647KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 43KB - Virtual size: 43KB