e1262c43ad638d36bcde0239dc312d25

Sharing

Copy URL

Twitter E-mail

General

Target

e1262c43ad638d36bcde0239dc312d25
Size

44KB
MD5

e1262c43ad638d36bcde0239dc312d25
SHA1

4f7d321c4c599f1da075f8f64fc0b96873f31582
SHA256

c1b9fae9f3ecf14fc7ec07494e43a625c6c91889ff6a5c444472641cdcbacbc4
SHA512

8d7f6363e8ce6dd5437be0d4e9a3d470ecdc92a81224f70e327333c6bd79a652a110f4d45f87d8fd4241ab1e546d01b0ebd91aa317d7f3f5f4823cfa492a1ce1
SSDEEP

768:2qWmFMA7Enyg0IbNGYN9lTncQuQtj5mdNtX5WDU50HKLAxLLOacP2r:2qWmFTlg0IhGYN9lzB+dNtpWIAxLqaS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1262c43ad638d36bcde0239dc312d25

Files

e1262c43ad638d36bcde0239dc312d25
.exe windows:4 windows x86 arch:x86

2f0953aeb06c5b7fe0652068b2e1e5d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetArcDirection
GetROP2
GetPixel
PtVisible
OffsetWindowOrgEx
GetBrushOrgEx
ResetDCA
GetCharWidth32A
DescribePixelFormat
LPtoDP
GdiGetBatchLimit
GetRasterizerCaps
SetROP2
SetICMProfileW
CancelDC
GetTextCharsetInfo
SetLayout
StartDocA
GetGlyphOutlineW
PathToRegion
FloodFill

msvcrt

_wcsnicoll
fprintf
_ismbcpunct
tolower
_cexit
toupper
cos
_open
_stat
iswalpha
_wpopen
_ismbbkalnum
strcmp
iswdigit
_amsg_exit
_mbsncoll
_ismbbtrail
atoi
_mbsrev
_wexeclp
strerror
_CItan
ceil
_chdir
fgetwc
_setjmp3
_ismbstrail
_strerror
towlower
towupper
sin
iswspace
_wpgmptr
_fputchar
_pctype
div
__lconv_init
gets
strxfrm
_ftime
_hypot
setlocale
_write
tanh
_wstrtime
_umask

advapi32

SetEntriesInAuditListW
RegLoadKeyA
SetNamedSecurityInfoA
TrusteeAccessToObjectW
GetSecurityDescriptorGroup
ControlService
RegFlushKey
EqualPrefixSid
CreatePrivateObjectSecurity
GetOldestEventLogRecord
SetNamedSecurityInfoW

kernel32

OpenSemaphoreA
GetCurrentThread
CreateDirectoryExW
InterlockedCompareExchange
GetModuleHandleW
GetCommandLineA
lstrcpyW
ReleaseMutex
AreFileApisANSI
EnumResourceTypesA
EndUpdateResourceW
PurgeComm
EnumSystemCodePagesW
GetCurrentProcess
VirtualQuery
LocalCompact
RtlMoveMemory
CancelWaitableTimer
GetEnvironmentStringsA
GlobalLock
CreateToolhelp32Snapshot
SuspendThread
GetPrivateProfileSectionW
Heap32First
GetFileAttributesExA
Sleep
SetErrorMode
CreateThread
GetFileTime
GetCurrentThreadId
GlobalDeleteAtom
GlobalAlloc
CreateFileW
ExitProcess
GetStartupInfoW
GetCurrentProcessId
GetAtomNameW
VirtualAlloc
GetCommandLineW
EnumResourceTypesW
lstrcmpiA
GetDefaultCommConfigW
_lcreat
VirtualFree
GetLocaleInfoA
GetLastError

user32

GetMessageExtraInfo
GetDialogBaseUnits
CloseWindow
RemovePropW
LoadCursorW
DdeCreateStringHandleA
GetWindowTextLengthW
AttachThreadInput
GetClipboardOwner
WINNLSEnableIME
GetGuiResources
CharLowerA
DestroyWindow
SetScrollInfo
FlashWindow
CreateAcceleratorTableW
MessageBoxA
GetListBoxInfo
CheckMenuRadioItem
IsChild
mouse_event
EnumDisplaySettingsA
GetInputState
CopyRect
GetWindowRgn
IMPSetIMEW
SwapMouseButton
MessageBoxIndirectA
DestroyAcceleratorTable
DdeQueryStringA
ScrollWindow
GetDlgItemTextW
SetCapture
IsMenu
EnumWindows
OemToCharBuffW
GetClipboardFormatNameW
wvsprintfA
SetProcessDefaultLayout
GetDlgCtrlID
LoadAcceleratorsW
IsWindow
UnionRect
GetClassInfoW
MsgWaitForMultipleObjectsEx
GetClassInfoExW
OpenClipboard
GetWindowDC
LoadStringW
KillTimer

Sections

.text
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f0953aeb06c5b7fe0652068b2e1e5d5

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

advapi32

kernel32

user32

Sections

.text Size: 10KB - Virtual size: 11KB

.data Size: 11KB - Virtual size: 19KB

.rdata Size: 10KB - Virtual size: 41KB

.idata Size: 10KB - Virtual size: 18KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 11KB

.data
Size: 11KB - Virtual size: 19KB

.rdata
Size: 10KB - Virtual size: 41KB

.idata
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 2KB - Virtual size: 2KB