Endermanch@Antivirus2010[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

[email protected]
Size

775KB
MD5

f49bcb5336b1e1212ae82cbb98f8dfe4
SHA1

fc87518aee297f9c18e40f4604ea048aec0342c4
SHA256

1501affdcf557a9dcb73ae34d43365d5301532a48328564160fdc1f3acb01e2e
SHA512

51a4b1a5ede81e4dbeb9a335fe3a370e6ae452a46d4f4ce8753b37d6e399b00e0de3b066921febf1b5b20f5e3356e0d93da5df366acd2002b792ecb7eb32a7e4
SSDEEP

12288:msCyG0JUuqby8mkxhZZIQUopL1UnDs1WxWM1W0pdNkFGNjB7tDWYK:j/kxX/ZLwo1WgMPACBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
[email protected]

Files

[email protected]
.exe windows:4 windows x86 arch:x86

7fbaa4ed437c6c11ecec3f2819b67132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate
DirectDrawCreateEx

user32

SetMenuItemBitmaps
GetClientRect
MapDialogRect
GetSysColorBrush
IsWindowEnabled
GetNextDlgGroupItem
CreateWindowExW
EnableMenuItem
DestroyWindow
GetWindowLongW
PostMessageW
DrawIcon
InvalidateRgn
GetParent
GetDesktopWindow
IsIconic
ValidateRect
SetActiveWindow
GetMenuState
IsWindowVisible
MessageBeep
SetMenu
EndDialog
SetTimer
DispatchMessageW
GetMenuCheckMarkDimensions
GetSystemMetrics
UpdateWindow
LoadBitmapW
GetKeyState
ModifyMenuW
GetActiveWindow
GetDlgItem
SetWindowContextHelpId
SetWindowPos
CheckMenuItem
GetCursorPos
GetFocus
CreateDialogIndirectParamW
GetWindow
PeekMessageW
IsWindow
EnableWindow
PostQuitMessage
GetNextDlgTabItem
TranslateMessage

kernel32

VirtualUnlock
GlobalAlloc
SetUnhandledExceptionFilter
InterlockedCompareExchange
GlobalHandle
GetTempPathW
QueryPerformanceCounter
WideCharToMultiByte
GetCurrentProcess
GetComputerNameW
ProcessIdToSessionId
GetVersionExW
LocalFree
ReleaseMutex
VirtualAlloc
CreateThread
GetSystemInfo
LCMapStringW
TerminateProcess
LoadResource
LeaveCriticalSection
SetEvent
lstrlenW
MultiByteToWideChar
GetProcAddress
RaiseException
IsDebuggerPresent
WaitForMultipleObjects
GetStartupInfoW
HeapSetInformation
FlushInstructionCache
CloseHandle
GetVersionExA
LoadLibraryW
LockResource
GetModuleHandleA
FindResourceW
GetProcessId
GetThreadLocale
GetSystemDirectoryW
GetModuleFileNameW
VirtualFree
GlobalFree
GetLocaleInfoW
CreateMutexW
DeleteCriticalSection
FormatMessageW
OpenProcess
SetLastError
LocalAlloc
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryExW
FreeLibrary
FindResourceExW
InitializeCriticalSection
MulDiv
lstrlenA
WaitForSingleObject
GetCurrentThreadId
InterlockedDecrement
ResetEvent
VirtualLock
HeapFree
HeapReAlloc
HeapSize
GetLocaleInfoA
lstrcmpW
GlobalUnlock
LoadLibraryA
UnhandledExceptionFilter
CreateFileW
GetLastError
HeapAlloc
InterlockedExchange
EnterCriticalSection
GlobalLock
SizeofResource
InterlockedIncrement
IsProcessorFeaturePresent
CreateEventW
GetACP
Sleep
HeapDestroy
GetModuleHandleW

msvcrt

_controlfp
_amsg_exit
_initterm
__wgetmainargs
exit
log
__setusermatherr
_wtoi64
__set_app_type
iswdigit
_exit
memset
_cexit
_initterm
__p__fmode
?terminate@@YAXXZ
_wcmdln
memcpy
__p__commode
_XcptFilter

Sections

.text
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fbaa4ed437c6c11ecec3f2819b67132

Headers

File Characteristics

Imports

ddraw

user32

kernel32

msvcrt

Sections

.text Size: 433KB - Virtual size: 432KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 336KB - Virtual size: 336KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 433KB - Virtual size: 432KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 336KB - Virtual size: 336KB

.rsrc
Size: 1024B - Virtual size: 1024B