e06bd2fe81d51e0239a2fac43fbf53d5

Sharing

Copy URL Twitter E-mail

General

Target

e06bd2fe81d51e0239a2fac43fbf53d5
Size

688KB
MD5

e06bd2fe81d51e0239a2fac43fbf53d5
SHA1

253b54bb0ebbe87f5fff36b433cca396b69a16dc
SHA256

24fb840c409e8920ba957905f3639587e9916ec8ccaaf8a0ea153f3ee1b89280
SHA512

301900cd0cfef5e4e62f717b43778e3e4eb3c6303841499ec96b1f407029290100206b794c94e13b071d15ee2bf6464befaaa33397dff6bce51defea52ae4eac
SSDEEP

12288:jKYGa/EasV55Ym4uES0TSHu8n5wHpHTX6wu+CaT/VFmgjpLbpz:+VLxGmfES0TSTqpHPu+rLpz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06bd2fe81d51e0239a2fac43fbf53d5

Files

e06bd2fe81d51e0239a2fac43fbf53d5
.exe windows:4 windows x86 arch:x86

f29ac3a5e274e3ff269bdf3257df0d20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
MoveWindow
DefWindowProcA
InvalidateRect
SetWindowTextA
SetWindowLongA
GetMessageA
GetWindowTextA
DrawEdge
GetSysColor
DestroyWindow
CreateWindowExA
CharToOemA
OemToCharA
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
SetFocus
DialogBoxParamA
SendDlgItemMessageA
EndDialog
wsprintfA
MessageBoxA
GetWindowRect
GetSystemMetrics
SetWindowPos
GetClientRect
GetDC
FillRect
ShowWindow
BeginPaint
PostQuitMessage
EndPaint
LoadCursorA
GetUpdateRect
RegisterClassA
LoadIconA
GetDialogBaseUnits

gdi32

CreateSolidBrush
TextOutA
DeleteObject
SetBkColor
SetTextColor
GetTextExtentPoint32A
DeleteDC
CreateFontA
SelectObject
CreateCompatibleDC
GetDeviceCaps

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

msvcrt

strcpy
__p__fmode
__set_app_type
fopen
??3@YAXPAX@Z
fread
fclose
fwrite
_mbsicmp
rename
_mbsrchr
_chdir
_chdrive
_except_handler3
free
malloc
memset
memcpy
strcat
sprintf
memcmp
memchr
_splitpath
strlen
strcmp
strncmp
_mbsnbcpy
_acmdln
_getcwd
_getdrive
getenv
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_controlfp

kernel32

GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
CloseHandle
DeleteFileA
SetFileTime
SetCurrentDirectoryA
WriteFile
_lopen
_lread
_lcreat
_lclose
CreateDirectoryA
_llseek
_lwrite
RemoveDirectoryA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetModuleFileNameA
SetFileAttributesA
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
SetFilePointer
ReadFile

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f29ac3a5e274e3ff269bdf3257df0d20

Headers

File Characteristics

Imports

user32

gdi32

shell32

msvcrt

kernel32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 2KB