e24b67c9e5f7bb2c9d1e15eafee9f329

Sharing

Copy URL Twitter E-mail

General

Target

e24b67c9e5f7bb2c9d1e15eafee9f329
Size

65KB
MD5

e24b67c9e5f7bb2c9d1e15eafee9f329
SHA1

0b3c238fc6bdf8cd469bc377b4f5bfa3e23a705f
SHA256

1df0e73f40d49e9497e39bb1931dab84606ba0e309b3a10b03e858ba029d194b
SHA512

7ab32711fa2ab4a614248eb1e2e2d9a2887b3efddef261f85dea2caf9c0f063f001231816f8d59687827d35163dc832e5df6d1d5e7c57b00fcb13636fd3eab60
SSDEEP

1536:b9/+qo7X7Q1N4PpQ2iHzNb3vSkdaZcPvQRcCefymztRe:blJ0EIRQ2iJ5daiPvQR6qmhR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24b67c9e5f7bb2c9d1e15eafee9f329

Files

e24b67c9e5f7bb2c9d1e15eafee9f329
.exe windows:4 windows x86 arch:x86

c99cfe2bd8dd60b527e3ce7bf71b8bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CloseHandle
DeviceIoControl
CreateFileW
GetSystemDirectoryA
GetVolumeInformationA
GetTempPathA
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
IsBadWritePtr
GetComputerNameA
WriteFile
lstrlenA
GetVersionExA
CreateProcessA

shell32

ShellExecuteExA
SHChangeNotify

msvcrt

sprintf
_snprintf
srand
time
strncat
??3@YAXPAX@Z
rand
atoi
_except_handler3
strncpy
_strdup
__CxxFrameHandler
_itoa

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c99cfe2bd8dd60b527e3ce7bf71b8bf8

Headers

File Characteristics

Imports

kernel32

shell32

msvcrt

msvcp60

wininet

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 51KB - Virtual size: 53KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 51KB - Virtual size: 53KB