e0be5c149aac260de695638fc1190f18

Sharing

Copy URL

Twitter E-mail

General

Target

e0be5c149aac260de695638fc1190f18
Size

521KB
MD5

e0be5c149aac260de695638fc1190f18
SHA1

9d896c47a4d3959e1bbdb405ae0689ad7f85bcd8
SHA256

b495977c85b5d1655f739020b1f6ec4b8e3bdb6d60f42d93c1ea0649dc1ecd00
SHA512

20c5f443fe5fdc5cfb588d2b32f3eb11085200227c1b00340d3148e41618b8fd252043164b64e5abd999a7bf63445df05374a14bc63aaf98bd52eaf4525e6370
SSDEEP

12288:m187/PVKvwd/Fm5N5suqfrzRdLXQv6DXDax26l0er1:m18xcqmX5srrFFXG6DX+x26ue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0be5c149aac260de695638fc1190f18

Files

e0be5c149aac260de695638fc1190f18
.exe windows:4 windows x86 arch:x86

1a858200f57598941cdad5fef2cbd6f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

EnableWindow
LoadIconA
InvertRect
ReleaseDC
ShowOwnedPopups
InsertMenuA
CharPrevW
SetKeyboardState
WaitMessage
RemoveMenu
RegisterClassExA
EnumDisplayDevicesW
DestroyMenu
OpenClipboard
RealChildWindowFromPoint
DrawTextExW
RegisterClassA
GetPriorityClipboardFormat
PackDDElParam
SetScrollInfo
GetMenuItemInfoA

advapi32

CryptEnumProvidersW
InitiateSystemShutdownW
RegSaveKeyW
RegFlushKey
RegCreateKeyA
CryptReleaseContext
CryptVerifySignatureW
CryptExportKey

comdlg32

GetFileTitleA
PrintDlgW

shell32

DragQueryFileAorW
FindExecutableA
DoEnvironmentSubstW

kernel32

SetConsoleWindowInfo
GetACP
TerminateProcess
Sleep
FreeEnvironmentStringsW
GetCurrentThreadId
CompareStringW
IsDebuggerPresent
GetLocaleInfoW
WritePrivateProfileStringW
TlsSetValue
GetModuleFileNameA
VirtualFree
GetCPInfo
RtlUnwind
WriteConsoleW
GetLastError
GetStringTypeA
EnterCriticalSection
VirtualAlloc
TlsGetValue
GetCurrentProcessId
CreateFileA
SetConsoleCtrlHandler
WriteFile
InterlockedExchange
LeaveCriticalSection
GetCommandLineA
GetUserDefaultLangID
GetTickCount
LoadLibraryA
InterlockedDecrement
SetStdHandle
GetTimeFormatA
SetHandleCount
GetConsoleCP
GetOEMCP
ExitProcess
GetStartupInfoW
GetStdHandle
VirtualQuery
MultiByteToWideChar
TlsAlloc
GetSystemTimeAsFileTime
WriteFileEx
FreeLibrary
GetNamedPipeHandleStateW
GetEnvironmentStrings
HeapAlloc
GetStringTypeW
OpenMutexA
lstrcmp
UnhandledExceptionFilter
LCMapStringW
GetUserDefaultLCID
GetTimeZoneInformation
lstrcat
CompareStringA
WideCharToMultiByte
GetModuleHandleA
SetLastError
GetCommandLineW
GetCurrentProcess
SetEnvironmentVariableA
IsValidCodePage
GetModuleHandleW
GetFileType
EnumSystemLocalesA
GetConsoleOutputCP
ReadFile
SetFilePointer
CloseHandle
LCMapStringA
QueryPerformanceCounter
DeleteCriticalSection
HeapDestroy
InterlockedIncrement
IsValidLocale
GetModuleFileNameW
HeapCreate
GetLocaleInfoA
GetStartupInfoA
GetProcAddress
HeapFree
LockFileEx
InitializeCriticalSectionAndSpinCount
CreateMutexA
GetDateFormatA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetSystemDirectoryA
GetConsoleMode
HeapReAlloc
HeapSize
GetCurrentThread
FlushFileBuffers
WriteConsoleA
EnumResourceTypesA
TlsFree

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a858200f57598941cdad5fef2cbd6f7

Headers

File Characteristics

Imports

comctl32

user32

advapi32

comdlg32

shell32

kernel32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 10KB - Virtual size: 30KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 10KB - Virtual size: 30KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 13KB - Virtual size: 13KB