e1b170925f168e0ee792954dee10d96f

Sharing

Copy URL

Twitter E-mail

General

Target

e1b170925f168e0ee792954dee10d96f
Size

169KB
MD5

e1b170925f168e0ee792954dee10d96f
SHA1

b19a417561bdf871fe3fd6ce1d4b720da8dd13df
SHA256

e071d6ef20ea5e8023176f5de5b7ec8a7e61f31e19bbc74af0709ef0e992d62f
SHA512

62b32586cf5ce599d73030b5f1a8a007b93a42e5c652c162f75dc5a9d006216b9c0f73b4c0c6a9bf460cbb43774bf11f23e6b50b266a340a1fa63db1754f542e
SSDEEP

3072:SszgiDeUQQmTpVe74osXvrZUCcosErTKSaYh+HzaeoFo9x0W4K/Y:dleUnaHeEoMvZTrDhizZBDlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1b170925f168e0ee792954dee10d96f

Files

e1b170925f168e0ee792954dee10d96f
.exe windows:4 windows x86 arch:x86

b0d4e2973661c12eed017de9a30790b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinW
SHGetDiskFreeSpaceExA
ord180

gdi32

EqualRgn
SelectPalette
SetMapMode
SetColorAdjustment
SetMiterLimit
CreatePen
GetViewportExtEx
LineTo
SetDIBitsToDevice
CombineTransform
GetPaletteEntries
GetCharWidth32A
EnumFontsA
CreateRectRgnIndirect
PolyBezier
CreateRoundRectRgn
FrameRgn
PathToRegion
AddFontResourceA
RealizePalette
CreatePenIndirect
StretchBlt
DPtoLP
GetPath
GetCurrentPositionEx
GetGraphicsMode
UnrealizeObject
CreatePolygonRgn
SetPaletteEntries
GetCharABCWidthsA
GetMapMode

comctl32

ord5
ord6
ord2

kernel32

GetModuleFileNameA
GetProcAddress
FlushFileBuffers
Sleep
GetModuleHandleA
LoadLibraryA
GetStartupInfoA

user32

SendMessageA
AnyPopup
GetCaretPos
BringWindowToTop
IsRectEmpty
MessageBoxA
SubtractRect
IsZoomed
UnionRect
ChildWindowFromPoint
CreateDialogIndirectParamA
EndDeferWindowPos
IntersectRect
MessageBoxIndirectA
DefDlgProcA
EqualRect
MapDialogRect
MessageBoxExW
ClientToScreen
IsIconic

msvcrt

_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
_c_exit

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0d4e2973661c12eed017de9a30790b7

Headers

File Characteristics

Imports

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 116B

.udata Size: - Virtual size: 48KB

.rdata Size: 96KB - Virtual size: 96KB

.reloc Size: 512B - Virtual size: 348B

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 116B

.udata
Size: - Virtual size: 48KB

.rdata
Size: 96KB - Virtual size: 96KB

.reloc
Size: 512B - Virtual size: 348B