e0101f085d40614f584aa16a6f2366a9

General

Target

e0101f085d40614f584aa16a6f2366a9
Size

180KB
MD5

e0101f085d40614f584aa16a6f2366a9
SHA1

c088213c447441ed1bd504fbb43dfc5ffe00f11d
SHA256

cb7f0c1d9fd50c625de6c03091b7bd5eea9a923831e8b4903b69d50ddafb790e
SHA512

71b885364f39ead8b4aaedc63b848de361361b371dd2666e4da909c407c231a8b91864bcf4288c9b873974eafb5bf256d7d98c3531add9ae5fa6793c8ffb0940
SSDEEP

3072:/v4e6PnFyMUc+G1Nb3YbClvoudsd+mJe1srr:/D6vFyMKezyUpd4M1m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0101f085d40614f584aa16a6f2366a9

Files

e0101f085d40614f584aa16a6f2366a9
.exe windows:4 windows x86 arch:x86

4076f46ccc0b4d92e67f7cf5917eea3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
FindClose
GetCPInfo
GetConsoleOutputCP
GetFileSize
GetLocaleInfoA
GetPrivateProfileStringA
GetSystemTimeAsFileTime
GlobalDeleteAtom
GlobalLock
LoadLibraryExA
MapViewOfFile
RemoveDirectoryA
RtlUnwind
WriteFile

user32

DefWindowProcA
DispatchMessageA
DrawTextA
GetActiveWindow
GetClassInfoA
GetParent
GetSubMenu
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
LoadBitmapA
LoadIconA
PostQuitMessage
RegisterClassA
SetForegroundWindow
TrackPopupMenu
UpdateWindow

gdi32

CreateDCA
CreatePen
Ellipse
GetRgnBox
GetTextColor
GetViewportExtEx
SetEnhMetaFileBits
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx

shell32

SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
SHCreateDirectoryExA
SHFileOperationA
SHGetDesktopFolder
ShellExecuteA
ShellExecuteExW
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetDragCursorImage

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4076f46ccc0b4d92e67f7cf5917eea3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 82KB - Virtual size: 82KB

.rsrc Size: 22KB - Virtual size: 140KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 82KB - Virtual size: 82KB

.rsrc
Size: 22KB - Virtual size: 140KB