e143bcd985b61541bd59b1c4f7c7230e

Sharing

Copy URL Twitter E-mail

General

Target

e143bcd985b61541bd59b1c4f7c7230e
Size

296KB
MD5

e143bcd985b61541bd59b1c4f7c7230e
SHA1

622df170236a04fe990628fbbd7aa9b767bda15e
SHA256

54a23c053dc5388121375ec8792ddee67ff65a196f3e1f196903e7a41850d46c
SHA512

423bc6cc69eaf932fcb7c9d84ee2dadf30c7816116ad15ad2ca751d17cd90245cbd169a8633a27f8989262d69db31ea4e356b5952d87a0752ab00a397fc21033
SSDEEP

6144:xy2Blvfu8eoqd5odzw99Q/9PVsB9YXFbZ9ol3cH/3tGk:walvfu5jd58zwXQFP6B9xcf3Yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e143bcd985b61541bd59b1c4f7c7230e

Files

e143bcd985b61541bd59b1c4f7c7230e
.exe windows:4 windows x86 arch:x86

d76ab8e23a82d901f27bbf055b3da2b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\idihobyx\icygomasah\Xisibutow\Vysyzabys\Cyqelafy.pdb

Imports

user32

GetMessagePos
UpdateWindow
GetClassNameA
GetDC
GetAsyncKeyState
EnumChildWindows
SetWindowPos
GetWindowTextA
FindWindowA
SetClipboardData
DestroyWindow
SendMessageA
IsClipboardFormatAvailable
SendDlgItemMessageA
CheckRadioButton
SetForegroundWindow
GetMessageA
CloseClipboard
EndDialog
OffsetRect
LoadIconA
MapDialogRect
BeginDeferWindowPos
DeferWindowPos
CreateMenu
UnregisterHotKey
GetPropA
TranslateMessage
RegisterWindowMessageA

setupapi

SetupGetFileCompressionInfoA
SetupGetInfFileListA
SetupScanFileQueueA
SetupInstallFilesFromInfSectionA
SetupOpenAppendInfFileA
SetupOpenFileQueue
SetupGetSourceFileLocationA
SetupGetSourceFileSizeA
SetupCloseFileQueue
SetupCloseInfFile
SetupCommitFileQueueA
SetupDecompressOrCopyFileA
SetupRemoveFileLogEntryA
SetupOpenLog
SetupCloseLog
SetupInitializeFileLogA
SetupQueryFileLogA

kernel32

LeaveCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetSystemInfo
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
FatalAppExitA
HeapAlloc
InitializeCriticalSection
HeapFree
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsAlloc
IsProcessorFeaturePresent
VirtualProtect
GetWindowsDirectoryA
GetLastError
CloseHandle
GetFileType
CreateFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
SetHandleCount
GetStdHandle
DeleteCriticalSection
SetStdHandle
EnterCriticalSection
SetEndOfFile
ReadFile
SetFilePointer
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d76ab8e23a82d901f27bbf055b3da2b3

Headers

File Characteristics

PDB Paths

Imports

user32

setupapi

kernel32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 116KB - Virtual size: 169KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 116KB - Virtual size: 169KB