e0f1e3275c31350487e2c1ee2d7d22a4

Sharing

Copy URL Twitter E-mail

General

Target

e0f1e3275c31350487e2c1ee2d7d22a4
Size

682KB
MD5

e0f1e3275c31350487e2c1ee2d7d22a4
SHA1

a67cfa73bdb86a8cc0526f7f2a0d35180185b9f4
SHA256

c1c3c4a0f83d86e4060f6b26b8968dae3d6ece7223638e3fd8b6d2886ddc5c06
SHA512

f0d376168b808e6535c72234ed3260c9a754d8a4c3588bf7d6965dfa6b5b0332c154a0977416809d3f44765a7d0cfa5d289306c6f3ed431829683fc6e8b6a18b
SSDEEP

12288:PQzL3bUkelWaM85lTjgaKlUi0wFpkdA2VT4UDLsEhHY:PQHwkelxM8TTjga6Ui0wF2hZ4fEhHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0f1e3275c31350487e2c1ee2d7d22a4

Files

e0f1e3275c31350487e2c1ee2d7d22a4
.exe windows:5 windows x86 arch:x86

93f40a41560a463495ff2439af9b4756

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

winmm

waveOutReset
waveOutGetVolume
waveOutWrite
waveOutPrepareHeader
waveOutOpen
joyGetPosEx
joyGetDevCapsA
joyGetNumDevs
waveOutSetVolume
waveOutUnprepareHeader
waveOutClose
waveOutRestart
waveOutGetPosition
waveOutPause
midiOutGetNumDevs
midiOutGetDevCapsA
midiInGetNumDevs
midiInGetDevCapsA
midiInOpen
midiInStart
midiOutOpen
midiOutShortMsg
midiOutGetVolume
midiOutSetVolume
midiInStop
midiInReset
midiInClose
midiOutReset
midiOutClose
timeGetTime

dsound

ord1
ord2

kernel32

GetLocaleInfoA
RaiseException
GetTempPathA
DeleteCriticalSection
GetModuleFileNameA
OutputDebugStringA
Sleep
GetCommandLineA
InitializeCriticalSection
GetVersion
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetModuleHandleA
GetLogicalDrives
CloseHandle
LeaveCriticalSection
SetEvent
EnterCriticalSection
CreateEventA
MultiByteToWideChar
WaitForSingleObject
QueryPerformanceCounter
SetThreadPriority
QueryPerformanceFrequency
GetProcAddress
GetThreadPriority
ResetEvent
WaitForMultipleObjects
FreeLibrary
LoadLibraryA
GetVersionExA
PulseEvent
HeapAlloc
GetLastError
HeapReAlloc
HeapFree
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetDriveTypeA
FindFirstFileA
FindNextFileW
FindNextFileA
GetCurrentDirectoryA
GetFullPathNameW
GetFullPathNameA
GetFileType
CreateFileW
DeleteFileW
ExitThread
ResumeThread
CreateThread
MoveFileA
TerminateProcess
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
GetFileAttributesA
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
DeleteFileA

user32

DestroyIcon
CreateIconIndirect
InvalidateRect
SystemParametersInfoA
AdjustWindowRect
MoveWindow
GetClientRect
SetWindowTextA
RedrawWindow
SetClassLongA
EnableMenuItem
GetSystemMenu
GetClassLongA
MessageBoxW
GetWindowRect
ShowWindow
SetWindowPos
ReleaseDC
GetDC
LoadCursorA
PostMessageA
SetCursor
GetCursorPos
SetCursorPos
GetSystemMetrics
GetAsyncKeyState
ToAscii
GetKeyboardState
MapVirtualKeyA
GetKeyNameTextA
MessageBoxA
GetWindowLongA
GetForegroundWindow
SendMessageA
CallWindowProcA
KillTimer
EndPaint
BeginPaint
IsIconic
GetActiveWindow
SetTimer
PostQuitMessage
DefWindowProcA
DestroyWindow
UpdateWindow
SetForegroundWindow
CreateWindowExA
RegisterClassA
LoadIconA
DispatchMessageA
GetMessageA
PeekMessageA
MsgWaitForMultipleObjects
ClientToScreen
SetWindowLongA
RegisterWindowMessageA

gdi32

SetPixel
SetPaletteEntries
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
StretchDIBits
SelectPalette
RealizePalette
CreateBitmap
CreatePalette
BitBlt
CreateSolidBrush
DeleteObject
GetDeviceCaps
GetSystemPaletteEntries

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93f40a41560a463495ff2439af9b4756

Headers

DLL Characteristics

File Characteristics

Imports

ddraw

winmm

dsound

kernel32

user32

gdi32

ole32

Sections

.text Size: 554KB - Virtual size: 554KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 39KB - Virtual size: 287KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 554KB - Virtual size: 554KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 39KB - Virtual size: 287KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 37KB - Virtual size: 37KB