e3195658596b7ab07e896f70b5e725a50cb5fb0d10bb4f1105b335d26aff78c1

Sharing

Copy URL Twitter E-mail

General

Target

e3195658596b7ab07e896f70b5e725a50cb5fb0d10bb4f1105b335d26aff78c1
Size

1.8MB
MD5

484a30cc6b76cde593d9077fd7aa5a75
SHA1

6511bbd1350e1805d5d42dca5821e2778ab7c214
SHA256

e3195658596b7ab07e896f70b5e725a50cb5fb0d10bb4f1105b335d26aff78c1
SHA512

01244f9728704c8fb1426d5653be6d2f9ca49a60625074ae26ad9b9618e63c588bab9040a4a30f8bef05710078201df712458dec2223672747c5cac718bc82b5
SSDEEP

3072:JRzD8Dej/QY975OA1V9xMgLAqKyjwFdcInr3b3jNL6/pbJk/OBZuVA:7Lj/Qy5VoqKyibSPBg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3195658596b7ab07e896f70b5e725a50cb5fb0d10bb4f1105b335d26aff78c1

Files

e3195658596b7ab07e896f70b5e725a50cb5fb0d10bb4f1105b335d26aff78c1
.exe windows:4 windows x86 arch:x86

e790e285aadaaf7db8a5149e9f72df8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalLock
FindResourceA
SizeofResource
LoadResource
LockResource
GetTempFileNameA
FreeResource
CreateFileA
FlushFileBuffers
WriteFile
GetCurrentProcess
SetFilePointer
ReadFile
CloseHandle
TerminateProcess
GetACP
GetCPInfo
GetOEMCP
VirtualFree
HeapCreate
VirtualAlloc
RtlUnwind
GetVersion
HeapDestroy
GetLastError
GetLocalTime
FreeEnvironmentStringsA
GetFileAttributesA
SetStdHandle
GetTempPathA
GlobalUnlock
GetFileType
GetStdHandle
GetTimeZoneInformation
HeapAlloc
GetSystemTime
GetCommandLineA
GetStartupInfoA
HeapFree
LoadLibraryA
FreeLibrary
ExitProcess
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
lstrcpyA
lstrcatA
SetEndOfFile
lstrlenA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GlobalAlloc
GetProcAddress
Sleep
GetModuleHandleA
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetModuleFileNameA
DeleteFileA
GetTickCount
GlobalFree
GetVersionExA

user32

IntersectRect
UnionRect
MessageBoxA
FillRect
GetClientRect
GetDC
InvalidateRect
ReleaseDC
SetRect
DrawTextA
OffsetRect
PtInRect
GetWindowRect
GetDesktopWindow
EndPaint
LoadBitmapA
DialogBoxParamA
PostQuitMessage
BeginPaint
SetTimer
EnableWindow
KillTimer
CheckDlgButton
SetWindowTextA
GetDlgItem
SendDlgItemMessageA
EndDialog
wsprintfA
SetDlgItemTextA
IsDlgButtonChecked
IsWindowEnabled
CharNextA
SendMessageA
LoadIconA
PeekMessageA
FindWindowA
RegisterClassA
GetSystemMetrics
SetForegroundWindow
TranslateMessage
CreateWindowExA
GetMessageA
GetParent
DispatchMessageA
SetCursor
PostMessageA
IsWindow
DefWindowProcA
SystemParametersInfoA
GetForegroundWindow
GetCursorPos

gdi32

SetStretchBltMode
GetDeviceCaps
RealizePalette
BitBlt
GetBitmapBits
GetObjectA
DeleteDC
SetMapMode
GetMapMode
DPtoLP
SelectObject
CreateCompatibleDC
DeleteObject
GetTextExtentPoint32A
SetBkMode
SetTextColor
CreateFontIndirectA
EnumFontsA
GetStockObject
CreateBitmap
PatBlt
SetDIBitsToDevice
SelectPalette
CreateCompatibleBitmap
SetBitmapBits
CreatePalette
SetBkColor
StretchBlt

winmm

mciSendCommandA
waveOutUnprepareHeader
waveOutReset
mmioAscend
waveInGetNumDevs
mmioClose
mmioOpenA
mmioRead
mmioDescend
mmioAdvance
mmioSeek
mmioSetInfo
mmioGetInfo
waveOutPrepareHeader
waveOutWrite
waveOutOpen
waveOutClose

dsound

DirectSoundCreate

ole32

OleUninitialize
OleInitialize

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Exports

Exports

ScreenSaverConfigureDialog
ScreenSaverProc

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e790e285aadaaf7db8a5149e9f72df8e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

dsound

ole32

advapi32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 1.6MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 1.6MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB