e5e4abc69eccc17b7df35be105ce29f22c3d82f05b91fd7f26a78eb7de79b9f8

Sharing

Copy URL Twitter E-mail

General

Target

e5e4abc69eccc17b7df35be105ce29f22c3d82f05b91fd7f26a78eb7de79b9f8
Size

379KB
MD5

4a6c7831d8c1ab4c9b1b3e31c928d48b
SHA1

90e43bf34b29ee21328226ba03bf21f980856c7e
SHA256

e5e4abc69eccc17b7df35be105ce29f22c3d82f05b91fd7f26a78eb7de79b9f8
SHA512

df6a827b2738a86af8c4b91424350bc4962558688f90789ca3de110b25fcd7737688ca75aa17a137e330cd0d75aa1b512e524dac62163888a1ed27e3017ab9e6
SSDEEP

6144:cTsnT8xBMY2vLiuHiRYoTG9A6K75tod9lylHkxXPKQRsEGeF3pT02buFW4D4NTBb:cQn4n25j9lylHkxXPKQRd31NT2UOUOan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5e4abc69eccc17b7df35be105ce29f22c3d82f05b91fd7f26a78eb7de79b9f8

Files

e5e4abc69eccc17b7df35be105ce29f22c3d82f05b91fd7f26a78eb7de79b9f8
.exe windows:6 windows x86 arch:x86

539fb0d51797d663336a64571b5a0934

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Program Files (x86)\zMail\appzm\zMailAutoUpdate.pdb

Imports

user32

DrawTextW
DestroyIcon
LoadCursorW
ScreenToClient
AdjustWindowRectEx
ValidateRect
ReleaseDC
GetDC
IsWindowVisible
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
PostQuitMessage
DefWindowProcW
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
LoadIconW
GetWindowLongW
GetWindowRect
SetWindowPos
SendMessageW
GetSystemMetrics
MoveWindow
SetWindowLongW

kernel32

GetLocalTime
GetConsoleWindow
lstrcpynW
SetEvent
ResetEvent
CreateEventW
CreateThread
GetTickCount
GetModuleFileNameW
GetModuleHandleW
AllocConsole
FreeConsole
SetConsoleCtrlHandler
GlobalUnlock
GlobalLock
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
LockResource
GlobalAlloc
GlobalReAlloc
GlobalFree
CreateFileW
ReadFile
LoadResource
SizeofResource
FindResourceW
GetProcAddress
LoadLibraryW
TlsAlloc
GetLastError
SetCurrentDirectoryA
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetModuleFileNameA
Sleep
HeapSize
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetStdHandle
WriteFile
GetConsoleMode
ReadConsoleW
GetFileType
HeapFree
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
SetLastError
RaiseException
GetTimeZoneInformation
HeapReAlloc
GetProcessHeap
RtlUnwind
SetStdHandle
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
SetEndOfFile
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
CopyFileW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
LocalFree
FormatMessageA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
SetEnvironmentVariableW

gdi32

PolyBezier
Polyline
Polygon
TextOutW
MoveToEx
GetObjectW
ExtCreatePen
SetROP2
SetPolyFillMode
SetPixelV
SelectPalette
RoundRect
RealizePalette
Rectangle
Pie
LineTo
GetTextExtentPoint32W
GetPolyFillMode
GetPixel
GetDIBits
GetCurrentObject
GetClipRgn
GetBkMode
GetROP2
FillRgn
ExtFloodFill
Ellipse
CreateRectRgn
CreateBrushIndirect
CreateBitmap
Arc
GdiSetBatchLimit
CreateDIBSection
SetWorldTransform
SetTextColor
SetGraphicsMode
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
GetStockObject
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreateFontIndirectW
CreateCompatibleDC
BitBlt

shell32

ShellExecuteA
ShellExecuteExA
ExtractIconW

ole32

CreateStreamOnHGlobal
CoCreateGuid
CoUninitialize
CoInitialize

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

539fb0d51797d663336a64571b5a0934

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

shell32

ole32

Sections

.text Size: 230KB - Virtual size: 229KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 6KB - Virtual size: 10KB

.rsrc Size: 47KB - Virtual size: 47KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 230KB - Virtual size: 229KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 6KB - Virtual size: 10KB

.rsrc
Size: 47KB - Virtual size: 47KB

.reloc
Size: 12KB - Virtual size: 12KB