e14bebd397c79b4f87932582bfb943be

Sharing

Copy URL Twitter E-mail

General

Target

e14bebd397c79b4f87932582bfb943be
Size

536KB
MD5

e14bebd397c79b4f87932582bfb943be
SHA1

b483a30eb0dfb04157267110f61f81ad86c5557b
SHA256

e4e16f13d2146380cd83260b5a51a963b1bd5c2b4644a153ec80e8ac832b76a3
SHA512

086350a8ea59d8e0821d25967501d63491dad12aa91840be4b99c1de311ce8abe01d29d299fe5833faae889e936c83213d8f720a7fdaa90ee033b61479407289
SSDEEP

12288:iRwvkbivE4Q1SGiNYq3tirLew/RdJoGbv/+GdDEGXuoKBsUM:cwMGTGijIJ/R4GrmGdD70BsU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e14bebd397c79b4f87932582bfb943be

Files

e14bebd397c79b4f87932582bfb943be
.exe windows:4 windows x86 arch:x86

31b42640394259f0630b68f76105c9a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CallWindowProcA
GetWindowLongA
ShowWindow
IsWindow
GetWindowRect
GetSysColor
EnableWindow
SystemParametersInfoA
SendMessageA
GetDlgItem
SetCursor
RegisterClassA

kernel32

MultiByteToWideChar
GetStartupInfoA
ExitProcess
HeapFree
LCMapStringW
SetHandleCount
GetSystemInfo
lstrlenA
GetFileAttributesA
HeapDestroy
QueryPerformanceCounter
IsDebuggerPresent
InterlockedIncrement
WriteConsoleW
LocalAlloc
VirtualAlloc
FindResourceA
GetCurrentThreadId
GetFileType
Sleep
InterlockedDecrement
VirtualQuery
SetLastError
LoadResource
GetProcAddress
GetVersion
WriteConsoleA
LCMapStringA
GetModuleFileNameA
LocalFree
FindNextFileW
GetModuleHandleW
HeapReAlloc
GetSystemTimeAsFileTime
CloseHandle
WriteFile
GetCurrentProcessId
ReadFile
DeleteFileW
SetFilePointer
MapViewOfFile
GetModuleHandleA
GetModuleFileNameW
WaitForMultipleObjects
GetCommandLineA
FreeEnvironmentStringsW
HeapSize
GetTickCount
UnhandledExceptionFilter
DeleteFileA
FindClose
GetFileSize
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
RemoveDirectoryA
LoadLibraryA
GetEnvironmentStringsW
GetVersionExA
TlsAlloc

version

GetFileVersionInfoSizeA
VerQueryValueA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 502KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31b42640394259f0630b68f76105c9a1

Headers

File Characteristics

Imports

user32

kernel32

version

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 502KB - Virtual size: 501KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 502KB - Virtual size: 501KB

.rsrc
Size: 4KB - Virtual size: 4KB