ee84691064b555a0a31a6f25c06be205de82c4f34239aca6dafcecd1cb631a0a

Sharing

Copy URL Twitter E-mail

General

Target

ee84691064b555a0a31a6f25c06be205de82c4f34239aca6dafcecd1cb631a0a
Size

925KB
MD5

9c2539748015e09ade01207be5943455
SHA1

145ae21a6e845c633bd9ba57884d34284ca0bf8c
SHA256

ee84691064b555a0a31a6f25c06be205de82c4f34239aca6dafcecd1cb631a0a
SHA512

17f8883ca5b54730c9f6ce1c1ee624f21f5efe265f8e871e8eddfec0a98e71bda87e62d12b75f7ec54c7b0b8d9323e04daaef6d110245983e34b4d00f5c5c92d
SSDEEP

24576:aVfu1R4JqRlCq6BQvWmwx6LqdSvjXmVh8gj6rUYI:6u1R4JqvCQCjpVh8gY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee84691064b555a0a31a6f25c06be205de82c4f34239aca6dafcecd1cb631a0a

Files

ee84691064b555a0a31a6f25c06be205de82c4f34239aca6dafcecd1cb631a0a
.exe windows:4 windows x86 arch:x86

0f2cd02d5289c8ffd0f9b971a21518c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControls

gdi32

ChoosePixelFormat
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
SetPixelFormat
SwapBuffers

kernel32

AllocConsole
CloseHandle
CreateEventA
CreateThread
ExitProcess
FreeConsole
FreeLibrary
GetCommandLineA
GetConsoleScreenBufferInfo
GetLargestConsoleWindowSize
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
LoadLibraryA
MapViewOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadConsoleOutputCharacterA
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetEvent
SetUnhandledExceptionFilter
Sleep
UnmapViewOfFile
WaitForMultipleObjects
WriteConsoleInputA
WriteFile

msvcrt

_stricmp
_strnicmp
_unlink
__getmainargs
__p__environ
__set_app_type
_cexit
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_iob
_mkdir
_setjmp
_setmode
_snprintf
_vsnprintf
atan
atan2
atexit
atof
atoi
ceil
exit
exp
fclose
feof
fflush
fgets
floor
fopen
fread
free
fseek
ftell
fwrite
isalpha
isdigit
isupper
localtime
log
longjmp
malloc
memcpy
memmove
memset
pow
rand
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strftime
strncmp
strncpy
strrchr
strstr
strtol
tan
time
tolower
toupper
vfprintf
vsprintf

user32

AdjustWindowRectEx
ChangeDisplaySettingsA
ClipCursor
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
GetCursorPos
GetDC
GetKeyboardState
GetMessageA
GetSystemMetrics
LoadCursorA
LoadIconA
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
PeekMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SetCapture
SetCursorPos
SetForegroundWindow
SetWindowPos
ShowCursor
ShowWindow
SystemParametersInfoA
ToAscii
TranslateMessage
UpdateWindow

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciSendCommandA
timeBeginPeriod
timeGetTime
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

wsock32

WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
gethostbyname
getsockname
htons
ioctlsocket
ntohs
recvfrom
sendto
socket

Sections

.text
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 50.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f2cd02d5289c8ffd0f9b971a21518c1

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

msvcrt

user32

winmm

wsock32

Sections

.text Size: 872KB - Virtual size: 872KB

.data Size: 47KB - Virtual size: 46KB

.bss Size: - Virtual size: 50.5MB

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 872KB - Virtual size: 872KB

.data
Size: 47KB - Virtual size: 46KB

.bss
Size: - Virtual size: 50.5MB

.idata
Size: 5KB - Virtual size: 4KB