eca9c4ff185d22de20dcf5d2bfa70d08034ed65ac2a3060fd35bb65d29ec9886

Sharing

Copy URL

Twitter E-mail

General

Target

eca9c4ff185d22de20dcf5d2bfa70d08034ed65ac2a3060fd35bb65d29ec9886
Size

50KB
MD5

10be93035136f9e7a26683e956144ea3
SHA1

2bcfe78c32782aa03adabee326895caec8f5d097
SHA256

eca9c4ff185d22de20dcf5d2bfa70d08034ed65ac2a3060fd35bb65d29ec9886
SHA512

e1e1f22ad0b93983e52fcbe8253926646bef9a985d3480a63ba8470ee70e08dce7f5c19061cd58f0e38b4bd4d5b639f7d28112087995d4fe0b2e163cb7e32bef
SSDEEP

384:O4OiBe0lDJW6ZDKDXa55nUK+c9Th28KBA74AiDJAcZUwmgZWQWhcfWGsiqis9Qln:O4zZWX851xLNwWZwmg//iisKl4qR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eca9c4ff185d22de20dcf5d2bfa70d08034ed65ac2a3060fd35bb65d29ec9886

Files

eca9c4ff185d22de20dcf5d2bfa70d08034ed65ac2a3060fd35bb65d29ec9886
.exe windows:4 windows x86 arch:x86

8a7e9f20d89b2807f15163338a1efcc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msjter40

ord5
ord3
ord4

msjet40

ord154
ord176
ord178

msrepl40

ord2044
ord2095
ord2099
ord2098
ord2096
ord2097

vbajet32

ord1

gdi32

GetDeviceCaps

kernel32

GetEnvironmentStrings
SetHandleCount
GetCurrentProcess
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
LoadLibraryA
WriteFile
RtlUnwind
GetFileType
GetStdHandle
LCMapStringA
FreeEnvironmentStringsW
GetStringTypeW
lstrcmpiA
GetEnvironmentStringsW
GetVersionExA
FreeLibrary
Sleep
WaitForSingleObject
SetEvent
GetExitCodeThread
OpenEventA
CreateThread
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
FreeResource
LockResource
LoadResource
FindResourceA
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsA
GetVersion
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
GetACP
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
GetOEMCP
GetStringTypeA
LCMapStringW

ole32

OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
StringFromGUID2

user32

GetDC
GetDlgCtrlID
GetWindowLongA
GetDlgItem
ScreenToClient
WinHelpA
MapDialogRect
MoveWindow
GetClientRect
DrawTextA
SetWindowTextA
RegisterClassA
CreateDialogParamA
GetWindowRect
ReleaseDC
SetWindowPos
SendMessageA
SetFocus
LoadStringA
EnableWindow
EndDialog
SetWindowLongA
MessageBoxA
DefWindowProcA
DefWindowProcW
SetDlgItemTextA
GetParent
DestroyWindow
LoadIconA
RegisterClassW
LoadIconW
ShowWindow
CreateWindowExA
DispatchMessageW
TranslateMessage
IsDialogMessageA
PeekMessageA
DialogBoxIndirectParamA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a7e9f20d89b2807f15163338a1efcc3

Headers

File Characteristics

Imports

msjter40

msjet40

msrepl40

vbajet32

gdi32

kernel32

ole32

user32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 10KB - Virtual size: 10KB