e22e30b43cfe4441071a59f3aa5b9a79

Sharing

Copy URL Twitter E-mail

General

Target

e22e30b43cfe4441071a59f3aa5b9a79
Size

42KB
MD5

e22e30b43cfe4441071a59f3aa5b9a79
SHA1

4a7c4e8c57b0f916d5da969d82794c1ebae3a21e
SHA256

4b95385196d3a3942fc5199c82939d9d1fd236d7eb2c5a836791902d945ee086
SHA512

c15351978fb44d818fd11d13d4a08f5791c51b3329d38e915323f84f376ea2c92dcdfbcdb361874acc9280e57115e24eba5cebfdfe7659c3e0292fa5a4835954
SSDEEP

768:OIKf0B+VBBmL/OaoJ1UoW/zIszAodDj2nv+f48RbkeiPU/FKMEzH:ZnB+VBM2erPpMMQeHKMEzH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e22e30b43cfe4441071a59f3aa5b9a79

Files

e22e30b43cfe4441071a59f3aa5b9a79
.dll windows:4 windows x86 arch:x86

e4c919d124d0b250f34e7c7bf44295c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

gdi32

BitBlt

imm32

ImmGetContext

avicap32

capCreateCaptureWindowA

winmm

waveInStop

msvcrt

free

ws2_32

listen

shlwapi

StrChrA

psapi

GetModuleFileNameExA

user32

IsWindow

advapi32

RegCloseKey

Exports

Exports

erdftgyhy
222222222222
ServiceMain

Sections

.guoc
Size: 27KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocy
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guof
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guocy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gyuio
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wesdrf
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocyok
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4c919d124d0b250f34e7c7bf44295c9

Headers

File Characteristics

Imports

kernel32

shell32

ole32

gdi32

imm32

avicap32

winmm

msvcrt

ws2_32

shlwapi

psapi

user32

advapi32

Exports

Exports

Sections

.guoc Size: 27KB - Virtual size: 67KB

.guocy Size: 1024B - Virtual size: 6KB

.guof Size: 1024B - Virtual size: 2KB

guocy Size: - Virtual size: 4KB

.gyuio Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.wesdrf Size: 2KB - Virtual size: 3KB

.guocyok Size: 6KB - Virtual size: 4KB

.guoc
Size: 27KB - Virtual size: 67KB

.guocy
Size: 1024B - Virtual size: 6KB

.guof
Size: 1024B - Virtual size: 2KB

guocy
Size: - Virtual size: 4KB

.gyuio
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.wesdrf
Size: 2KB - Virtual size: 3KB

.guocyok
Size: 6KB - Virtual size: 4KB