e22e76ddaf0234de9338723651be93d5

Sharing

Copy URL Twitter E-mail

General

Target

e22e76ddaf0234de9338723651be93d5
Size

61KB
MD5

e22e76ddaf0234de9338723651be93d5
SHA1

10eb45ab59238e839efa32d041711736718925fd
SHA256

e2c4efbc1e9715b09db72f8c24fd03b2adb7efdf79537fe8f3251af3e16440b8
SHA512

f82921155d2fd5ac2726bc77ff40a1d1c9f3015cd2215dd4765ac395a56438265def925e8bac2afe98d8de20ddc923b3f1b875534bf6d9c48b24eff2586245b2
SSDEEP

1536:J5e0OEiiOqOIii+q1jFvwYgays3kSlSLLLLLLLLLLLLLLLLLLLLLL:feDEi6+gjFYZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e22e76ddaf0234de9338723651be93d5

Files

e22e76ddaf0234de9338723651be93d5
.exe windows:5 windows x86 arch:x86

d622c954ab0e91f84c975dbb2b5b41a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\yefczSfm\EBochAIs\ddipex\lbjigy\KgcjbFbN.pdb

Imports

user32

LoadAcceleratorsW
UnloadKeyboardLayout
PostThreadMessageW
GetFocus
IsWindowUnicode
CharToOemBuffA
GetUserObjectInformationA
GetWindowRect
DrawFrameControl
SetParent
mouse_event
MapVirtualKeyA

shlwapi

PathMakePrettyW
StrSpnA

gdi32

SetStretchBltMode
CreatePalette
DeleteObject
OffsetViewportOrgEx
RectVisible
SetBrushOrgEx

kernel32

ExitProcess
InterlockedExchangeAdd
GetCurrentProcessId
FindNextFileA
GlobalMemoryStatus
lstrcmpiW
FindNextFileW
GetCompressedFileSizeW
GetDateFormatA
OpenFile
InterlockedExchange

ntdll

memset
_stricmp

Exports

Exports

?IXAd_ns_@@YGPAEKM@Z
?W_TI_MT_S_G@@YGPAGE@Z
?__znr_v_fm_mj__q_nr@@YGXJ@Z
?_tp_q_cu_I_tmj_v_v@@YGIJ@Z
?tb_l_lczi@@YGKPADG@Z
?TIP_JS__TUCGgnri_@@YGKPANF@Z
?VCJWYKSyqmSZ_Be@@YGXPAI@Z
?hqD_W_PxijtxCW_RZAZgl@@YGX_NPAN@Z
?___juy_YLTL_cQZCQLR@@YGPAXD@Z
?ESHIHX_@@YGPAIE@Z
?smtgky__vHI_QFHnna_m@@YGPAKM@Z
?xqqJYYyq_cp__dLG__S_T@@YGGPAM@Z
?HPjJbLKCOS_WULjqno_yhk@@YGJPAJ@Z
?DHI_VswOZJ@@YGPAXPAF@Z
?H__SZGX_d_r_hnpqD__E_F@@YGPA_NJ_N@Z
?tvfcqB_G_vos_y_VHGki@@YGFPAJG@Z
?_qciw_n@@YGPAFIK@Z

Sections

.code
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 829B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d622c954ab0e91f84c975dbb2b5b41a5

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

kernel32

ntdll

Exports

Exports

Sections

.code Size: 24KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 80KB

.rdata Size: 7KB - Virtual size: 6KB

.edata Size: 1024B - Virtual size: 829B

.import Size: 1024B - Virtual size: 912B

.rsrc Size: 7KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 24KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 80KB

.rdata
Size: 7KB - Virtual size: 6KB

.edata
Size: 1024B - Virtual size: 829B

.import
Size: 1024B - Virtual size: 912B

.rsrc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB