e2105b3892b2fe30793b0a8ba2775adc

Sharing

Copy URL Twitter E-mail

General

Target

e2105b3892b2fe30793b0a8ba2775adc
Size

15KB
MD5

e2105b3892b2fe30793b0a8ba2775adc
SHA1

6d6e84615a67612b25a116c5f2bc19c4e0dd56bb
SHA256

48fe05a43c5f3051e9aec3b2a28c2463449d8ed459a860ff7c8e1ba795a796f1
SHA512

ae301fdabbff103763a77f2507cd1b3afd22680ab8c1c14a93b987b71eaa9e8dbad67f335dc54daab1f86ee1bdd7c29342472831803177c3cedd53e320f3b217
SSDEEP

384:a55Xo8tk4CxUs+rWyrJgEIQ9JNCvZ8YfFzlkY9PJ:eNmxUUyrJtIQ9XCCYpPJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2105b3892b2fe30793b0a8ba2775adc

Files

e2105b3892b2fe30793b0a8ba2775adc
.exe windows:4 windows x86 arch:x86

162b16d7b815c58b82df8bbf71e49aa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBits
SetMapMode
GetNearestColor
SelectObject
PatBlt
StretchDIBits
SetDIBColorTable
GetCurrentObject
DeleteObject
GetNearestPaletteIndex
CreateSolidBrush
GetObjectW
SetStretchBltMode
SetDIBitsToDevice
SelectPalette

kernel32

SetUnhandledExceptionFilter
EnterCriticalSection
GlobalDeleteAtom
GlobalAddAtomA
GetCurrentProcess
GetCurrentThreadId
DeleteCriticalSection
TerminateProcess
InterlockedIncrement
LeaveCriticalSection
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetLastError
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
GetCurrentProcessId
Sleep
lstrlenA
QueryPerformanceCounter

user32

UnionRect

dhcpcsvc

McastEnumerateScopes

ole32

ReleaseStgMedium

ntdll

NtCreateFile

msvcrt

_iob
realloc
_except_handler3
fprintf
longjmp
sscanf
_initterm
_adjust_fdiv
_purecall
getenv
__CxxFrameHandler
exit
free
malloc
_snprintf
_setjmp3

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

162b16d7b815c58b82df8bbf71e49aa0

Headers

File Characteristics

Imports

gdi32

kernel32

user32

dhcpcsvc

ole32

ntdll

msvcrt

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 452B

.rdata Size: 512B - Virtual size: 32B

.idata Size: 44KB - Virtual size: 44KB

.data Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 452B

.rdata
Size: 512B - Virtual size: 32B

.idata
Size: 44KB - Virtual size: 44KB

.data
Size: 512B - Virtual size: 448B