e06a576a2fdf78317103a1a3134cdb72

General

Target

e06a576a2fdf78317103a1a3134cdb72
Size

156KB
MD5

e06a576a2fdf78317103a1a3134cdb72
SHA1

8a773c91df2aac23b4dc0923a0892976f6523f33
SHA256

791902580939103c51947bdef1f05890061fbac2e03aafceb69e1a609ef5830d
SHA512

0560450688b75fcfce8a0b8248c8a7ecc831b297ce94df348bd735ea376db4419b13ef556096b89a8aa2815cc142cd1c92bcf214cdbb217ff318020df8f00e7e
SSDEEP

3072:AFTjie89di0Cn9RMBarY6JwTGR4pC77Ry5zcPSBs+Ci6LujDooic:AFTjmdiTnmZywTGapC3Ry5QKBBQLuHrl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06a576a2fdf78317103a1a3134cdb72

Files

e06a576a2fdf78317103a1a3134cdb72
.exe windows:4 windows x86 arch:x86

82ab339b0a4d3e10fab818fab26a41ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetOEMCP
EndUpdateResourceA
LockResource
lstrlenW
IsValidCodePage
GetVersionExA
GetCurrentThreadId
ExitProcess
GetCurrentProcessId
TlsFree
GetShortPathNameA
RaiseException
CreateThread
InterlockedIncrement
GetModuleFileNameA
DeleteFileA
GetModuleHandleA
GetFileSize
GetSystemTimeAsFileTime
GetStartupInfoA
SetConsoleCP
SetFileAttributesW
CreateEventW
TerminateProcess
HeapCreate
WriteFile
LocalReAlloc
VirtualFree
GetStartupInfoW
CreateFileMappingA
GetACP
GetLocalTime
GetCommandLineA
IsBadCodePtr
SetLastError
SetStdHandle
LocalAlloc
GetDriveTypeA
VirtualProtect
GetSystemInfo
FreeResource
GlobalFree
FindNextFileW
GetLastError
InterlockedCompareExchange
GetEnvironmentVariableW
HeapDestroy
GetPrivateProfileStringA
GetTickCount

msvcrt

??0exception@@QAE@XZ
memset
__p__commode
_wtol
_purecall
wcsrchr
?terminate@@YAXXZ
_wcsicmp

user32

GetWindow
CharNextA
KillTimer
ClientToScreen
PostMessageW
GetMenuItemCount
SetParent
SetDlgItemTextA
EnumChildWindows
GetSystemMetrics
GetDlgItemTextW
CopyRect

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82ab339b0a4d3e10fab818fab26a41ea

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 119KB - Virtual size: 181KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 119KB - Virtual size: 181KB

.rsrc
Size: 3KB - Virtual size: 2KB