e119d045928ff5d2ecddfebf02d3dd4b

Sharing

Copy URL Twitter E-mail

General

Target

e119d045928ff5d2ecddfebf02d3dd4b
Size

168KB
MD5

e119d045928ff5d2ecddfebf02d3dd4b
SHA1

1022dfb8d4b10b6ed0a1f237c931fde5ed29b926
SHA256

0b38cf123b5b9740d08c4e92ba6ea8dd71c38403f5ce83b75e4628881f7093d2
SHA512

866b2ca2962679b328ada908a46d2d2d390ad6e480c1cea009357d786c759d6793eac01a9fac96cf8fccfd0ead5d507904af1fd23a428aa8105ceaabd911cacb
SSDEEP

3072:nhmnUQYprumjJT9H5DSHP+FJRVO8wChZxin8jGcUcuh:4nU9r1l55DSv0RALChbin8jGc+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e119d045928ff5d2ecddfebf02d3dd4b

Files

e119d045928ff5d2ecddfebf02d3dd4b
.dll windows:4 windows x86 arch:x86

1536b95425f91732396c6dea2ab05d99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
CreateThread
LeaveCriticalSection
VirtualAlloc
lstrcpyA
SetEvent
CancelIo
Sleep
lstrlenA
lstrcatA
FreeLibrary
DeleteFileA
GetLastError
RemoveDirectoryA
LocalFree
GetFileSize
ReadFile
LocalAlloc
SetFilePointer
WriteFile
MoveFileA
GetVersionExA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
InterlockedExchange
ExitProcess
GetTempPathA
GetTickCount
HeapAlloc
GetProcessHeap
DeviceIoControl
GetModuleFileNameA
WaitForSingleObject
RaiseException

msvcrt

ceil
_ftol
strlen
strstr
memcmp
_CxxThrowException
strchr
malloc
strcpy
strcmp
free
_except_handler3
strrchr
strcat
memmove
strncmp
strncpy
_errno
_snprintf
_mbsstr
_mbsupr
fclose
fprintf
fopen
strncat
realloc
_beginthreadex
calloc
??1type_info@@UAE@XZ
__CxxFrameHandler
memcpy
memset
atoi
??2@YAPAXI@Z
_strnset
??3@YAXPAX@Z
_strnicmp

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvfw32

ICSendMessage

Exports

Exports

Install
lch
main
xjm

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1536b95425f91732396c6dea2ab05d99

Headers

File Characteristics

Imports

kernel32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 25KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 856B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 25KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 12KB - Virtual size: 8KB