e15c791e571228096f7f3105e9eae251

Sharing

Copy URL Twitter E-mail

General

Target

e15c791e571228096f7f3105e9eae251
Size

497KB
MD5

e15c791e571228096f7f3105e9eae251
SHA1

4f0f50dcbb01ce71553c8cd00f26a3ea3b1e0982
SHA256

f9a2059daf7cfdfcb2bc534f0de876bf12759e371f388d61f9b52081d53940fe
SHA512

278a74d81057ae5b346ca37e9b2c73efe8005776f8d62f3680529e1e1968780e1bff74381f4a784feaec38e673f707f97e334d4260ac09bde2f46991db101f9b
SSDEEP

12288:wp3xAFCVWR3GXNwZ7Iy6KcQUwixmUqKmFiyWHdV+78V:wpSMVmZKKolmUFgiy8+7a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e15c791e571228096f7f3105e9eae251

Files

e15c791e571228096f7f3105e9eae251
.exe windows:4 windows x86 arch:x86

7315de033c6803762ef1003ad809f6c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LoadLibraryExW
HeapCreate
GetACP
GetCommandLineW
GetSystemTimeAsFileTime
VirtualQuery
InterlockedExchange
HeapReAlloc
GetDateFormatA
RtlUnwind
GetProcAddress
IsValidLocale
GetCPInfo
TlsSetValue
EnumResourceLanguagesA
CompareStringW
CreateMailslotW
InitializeCriticalSection
GetLongPathNameA
VirtualFree
GetDiskFreeSpaceExA
ReadConsoleInputA
TlsAlloc
GetVersionExA
IsBadWritePtr
LCMapStringW
WideCharToMultiByte
GetTickCount
GetEnvironmentStrings
EnumDateFormatsExA
GetEnvironmentStringsW
GetTimeFormatA
GetLocaleInfoW
ReadFile
SetFilePointer
GetStartupInfoA
GetCurrentProcess
LeaveCriticalSection
TlsGetValue
GetPrivateProfileStringA
GetStringTypeW
VirtualAlloc
GetCurrentProcessId
CompareStringA
EnumSystemLocalesA
CreateFileMappingA
GetModuleHandleA
GetLastError
GetUserDefaultLCID
lstrcmp
DeleteCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
FoldStringW
LoadLibraryA
GetLocaleInfoA
LocalShrink
IsValidCodePage
HeapDestroy
lstrcpy
ExitProcess
GetStdHandle
HeapAlloc
MultiByteToWideChar
GetFileType
GetSystemInfo
GetCurrentThread
HeapSize
QueryPerformanceCounter
SetStdHandle
SetHandleCount
FlushFileBuffers
FreeEnvironmentStringsW
GetTimeZoneInformation
GetModuleFileNameW
SetLastError
GetConsoleTitleW
GetCommandLineA
HeapFree
WritePrivateProfileStringW
GetCurrentThreadId
GetOEMCP
GetStartupInfoW
FindNextFileA
LCMapStringA
EnterCriticalSection
CreateMutexA
GetCurrencyFormatA
TerminateProcess
GetCompressedFileSizeA
SetEnvironmentVariableA
GetStringTypeA
UnhandledExceptionFilter
OpenMutexA
GetShortPathNameA
GetProfileSectionA
TlsFree
WriteFile
VirtualProtect

advapi32

RegQueryValueA
RegSetValueExW
CryptSignHashA
RegEnumValueA
RegQueryInfoKeyA
CryptEnumProviderTypesW
RegEnumValueW
AbortSystemShutdownW
CreateServiceW
RegReplaceKeyW
CryptSetProviderExA
CryptDestroyHash
LookupAccountSidA
CryptSetProviderW
LookupPrivilegeDisplayNameW
RegReplaceKeyA

wininet

FtpCreateDirectoryA
FindFirstUrlCacheContainerW
FtpOpenFileW
FtpSetCurrentDirectoryA
InternetCanonicalizeUrlW
DeleteUrlCacheGroup
UnlockUrlCacheEntryStream
InternetTimeToSystemTime

comctl32

InitCommonControlsEx

shell32

ShellExecuteA
SHGetSpecialFolderLocation
CheckEscapesW

user32

WaitForInputIdle
MenuItemFromPoint
LoadMenuA
ToAscii
RegisterClassA
UnionRect
CloseDesktop
GetWindowDC
LookupIconIdFromDirectoryEx
RegisterClassExA
ExcludeUpdateRgn
GetClipboardOwner
TranslateMDISysAccel
GetKeyNameTextA
MapVirtualKeyW
GetDlgItem
DdeQueryNextServer
BringWindowToTop
IsCharUpperA
GetWindowLongW
CallWindowProcW
GetMenuCheckMarkDimensions
CopyIcon

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7315de033c6803762ef1003ad809f6c2

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

comctl32

shell32

user32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 9KB - Virtual size: 27KB

.data Size: 319KB - Virtual size: 318KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 9KB - Virtual size: 27KB

.data
Size: 319KB - Virtual size: 318KB

.rsrc
Size: 9KB - Virtual size: 9KB