e0e8851cd007d0e9d652f8db40c8ed0f

Sharing

Copy URL Twitter E-mail

General

Target

e0e8851cd007d0e9d652f8db40c8ed0f
Size

505KB
MD5

e0e8851cd007d0e9d652f8db40c8ed0f
SHA1

e12b9a235182721f7f5b0dc12591de186b73163c
SHA256

790452d9d282d1d02378644f1cda005eb0cc333cb9476ff02f1e2effbb62eae9
SHA512

e893745de77c5734746ac0e41b0a0d892b47cc9228cd1de4bbbf0f33d388405f04988f69c4cf0ee7e23e467ec35e3c0b378a334a8a761a27948977dd10f1438f
SSDEEP

12288:yhsd2daSZMjdYlEg0uQVZKj9Pf5OwCKdc2Ehb/BcK:yC2da8MjdYD018VMecfyK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0e8851cd007d0e9d652f8db40c8ed0f

Files

e0e8851cd007d0e9d652f8db40c8ed0f
.exe windows:4 windows x86 arch:x86

969cd09875addc29b3f173ae9a644d2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetFileType
GetStringTypeA
GetTimeZoneInformation
LeaveCriticalSection
GetStdHandle
FindResourceW
SetUnhandledExceptionFilter
GetCurrentProcessId
HeapDestroy
GetEnvironmentStringsW
VirtualAlloc
TlsSetValue
GetACP
GetProcAddress
InterlockedIncrement
GetSystemTimeAsFileTime
GetConsoleCP
GetVersionExA
GetOEMCP
WritePrivateProfileSectionW
UnhandledExceptionFilter
GetLocaleInfoA
HeapSize
CompareStringW
CloseHandle
FreeLibrary
ExitProcess
VirtualQuery
IsValidLocale
TlsAlloc
WriteConsoleA
HeapFree
FreeEnvironmentStringsW
EnumSystemLocalesA
GetModuleHandleA
WriteConsoleW
SetLastError
GetUserDefaultLCID
GetDateFormatA
LCMapStringA
VirtualFree
GetCPInfo
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetConsoleMode
DeleteCriticalSection
GetTimeFormatA
GetCurrentThreadId
OpenWaitableTimerA
SetEnvironmentVariableA
HeapAlloc
TerminateProcess
GetEnvironmentStrings
GetStartupInfoA
SetStdHandle
LCMapStringW
FlushFileBuffers
IsValidCodePage
TlsGetValue
CreateMutexA
SetHandleCount
CreateFileA
GetProcAddress
GetLocaleInfoW
IsDebuggerPresent
GetConsoleOutputCP
GlobalCompact
InterlockedDecrement
DeleteAtom
SetFilePointer
InitializeCriticalSection
GetProcessHeap
HeapCreate
GetLastError
ReadFile
GetModuleFileNameA
MultiByteToWideChar
GetStringTypeW
OpenMutexA
Sleep
EnterCriticalSection
GetCurrentProcess
FreeEnvironmentStringsA
SetConsoleCtrlHandler
GetCurrentThread
CreateDirectoryW
CompareStringA
InterlockedExchange
GetCommandLineA
RtlUnwind
LoadLibraryA
HeapReAlloc
WriteFile

user32

ChangeDisplaySettingsExA
WinHelpA
SetWindowTextA
GetTabbedTextExtentA
RegisterClassExA
PtInRect
ChangeDisplaySettingsW
GetUserObjectInformationA
TranslateAcceleratorA
SetWinEventHook
GetMenuDefaultItem
FindWindowExW
EnumDisplaySettingsExW
BringWindowToTop
RegisterClassA
CloseWindow
DefFrameProcW

comctl32

InitCommonControlsEx

comdlg32

FindTextW
GetOpenFileNameW
GetSaveFileNameW
LoadAlterBitmap

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

969cd09875addc29b3f173ae9a644d2b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

comdlg32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 8KB - Virtual size: 7KB