e219c1e1a6bc2059cd7a9604abcf2709

Sharing

Copy URL Twitter E-mail

General

Target

e219c1e1a6bc2059cd7a9604abcf2709
Size

90KB
MD5

e219c1e1a6bc2059cd7a9604abcf2709
SHA1

41221aa462ec16391e1c71fb3b5950ee7ce1cebb
SHA256

e9fa813ea0cf70bbacdaac26ee7ef97d56ea33e019daff1da4d7b0b9c0597dea
SHA512

efd219efd7bd0c4930f1baadeafaf4f3ff2eba983af9c4d4cf4c20627a7f5ef73a11a6a128c2ed31310b1a6bb1b009c6e87927e23122458328bc1d93ead236f6
SSDEEP

1536:tvD4pksN1maouGiTSEVBvJbQoVfhGudlJrT5JC+Dmg1lqG:t8pk3aouv+Qf75JTq8lqG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e219c1e1a6bc2059cd7a9604abcf2709

Files

e219c1e1a6bc2059cd7a9604abcf2709
.dll windows:4 windows x86 arch:x86

f078ade4da6970b986371c27777f4efb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
InterlockedCompareExchange
Sleep
InterlockedExchange
InterlockedIncrement
LocalFree
InterlockedDecrement
LoadLibraryW
CreateFileW
CloseHandle
GetFileAttributesW
CreateMutexW
CreateThread
LocalAlloc
GetSystemDefaultLangID
GetOEMCP
FreeResource
WriteFile
SizeofResource
LoadResource
FindResourceW
GetModuleFileNameW
MoveFileA
GetVersionExA
GetComputerNameA
CreateFileA
FormatMessageA
MultiByteToWideChar
FindResourceA
lstrcmpiA
GetCurrentProcess
GlobalFree
lstrlenW
WideCharToMultiByte
lstrlenA
GlobalAlloc
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
GetCPInfo
GetACP
GetSystemInfo
HeapAlloc
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
FreeLibrary
DisableThreadLibraryCalls
GetCommandLineA
lstrcpyA
VirtualProtect

user32

GetWindowLongW
GetClientRect
SetDlgItemTextW
GetClassNameA
LoadBitmapA
RemovePropW
RemovePropA
CharUpperW
SendMessageA
LoadMenuA
MessageBoxA
MessageBoxW
PostMessageA
DefWindowProcA
CharUpperA
GetSystemMetrics
EndDialog
LoadStringW
SendDlgItemMessageW
GetKeyboardLayout
LoadStringA
SetWindowLongW
SendMessageW
LoadImageW
LoadIconW
DialogBoxParamW
DestroyIcon
GetDlgItem
EnableWindow
PostMessageW

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

gdi32

StartDocA
CreateFontA
GetObjectA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f078ade4da6970b986371c27777f4efb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB