e01eedc3f92f4003c20d1fdc3cbf2b24

Sharing

Copy URL Twitter E-mail

General

Target

e01eedc3f92f4003c20d1fdc3cbf2b24
Size

72KB
MD5

e01eedc3f92f4003c20d1fdc3cbf2b24
SHA1

d89efa78768808efe1ecb522a90a6a81ec4591ea
SHA256

a787197e0190655eaaf96e67b4f73b9280944f4fb6c7cf6f3f60e5802a7dec28
SHA512

643b05895b636ba5f630f4dac65fd13431a29f2d517021449a6f7acf5b903ecd6d8aae70b03f656f33efa9c6e46066fca568043e9652f8245eae462fbe3fd230
SSDEEP

1536:+HRmIX8UkfKoA5iQBwiTm/EmFjVJW7OcTHJoQI1EE:48Zfxqh2EmFjW7DTiu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e01eedc3f92f4003c20d1fdc3cbf2b24

Files

e01eedc3f92f4003c20d1fdc3cbf2b24
.exe windows:5 windows x86 arch:x86

74e3e61a480d851fb57f8fae8a481aaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathBuildRootW
StrCatW
PathFindFileNameW

gdi32

SetDIBColorTable
GetSystemPaletteUse
LineTo
GetStockObject
GetNearestColor
CreateRectRgn
TextOutA
EnumFontFamiliesExW
SetWindowExtEx
DeleteObject
PathToRegion

comdlg32

GetSaveFileNameA
PageSetupDlgW
GetFileTitleW

kernel32

SetErrorMode
GetModuleHandleA
GetStdHandle
LCMapStringA
HeapLock
GetThreadPriority
ResetEvent
SetConsoleCP
GetFileAttributesExW
OpenSemaphoreW
GlobalDeleteAtom
HeapFree
GetOEMCP
GetExitCodeProcess
SetTimerQueueTimer

user32

DestroyMenu
SetSysColors
GetCaretBlinkTime
CascadeChildWindows
ReplyMessage
AppendMenuA
GetClipCursor
GetMenuState
MoveWindow
TileChildWindows
AdjustWindowRect
GetMenu
LoadImageW
FindWindowW

comctl32

CreateToolbarEx
ImageList_AddMasked

Exports

Exports

_WAgxkxxwc_gdcltnjY_oFI@4
_Jubcgsap_oJlxjba@8
_QJiiNzgpq_prdnwPFc_hJ@12
_BfstvIaqk_eroIkvw@12
_SqVWtuvo_Omsdse@8

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74e3e61a480d851fb57f8fae8a481aaf

Headers

File Characteristics

Imports

shlwapi

gdi32

comdlg32

kernel32

user32

comctl32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 7KB - Virtual size: 7KB

.xdata Size: 13KB - Virtual size: 13KB

.pdata Size: 18KB - Virtual size: 90KB

.edata Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 7KB - Virtual size: 7KB

.xdata
Size: 13KB - Virtual size: 13KB

.pdata
Size: 18KB - Virtual size: 90KB

.edata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB