e9a68c417965233d6813bb5afa12882bdf7c4afa5538e898569046ea034431ce

Sharing

Copy URL Twitter E-mail

General

Target

e9a68c417965233d6813bb5afa12882bdf7c4afa5538e898569046ea034431ce
Size

390KB
MD5

9ddf69556da38741a4e22ce010dfa74f
SHA1

ff7715c31baa92badf2b513c0508e58bec71d69d
SHA256

e9a68c417965233d6813bb5afa12882bdf7c4afa5538e898569046ea034431ce
SHA512

143681fad380f340aedc57a01aca5ba837391bc7fbb9def693a9b954466afbcac5501571027f6b0bdb60b71f49faaaba07597143bf782fecf5e35c66f78acf10
SSDEEP

6144:mLYsHMLtQu2uuDRE6tR/3O05vw5pGCPTgY4jIcU:mBHUtQuLu+6tBJ5vwjGMTgRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9a68c417965233d6813bb5afa12882bdf7c4afa5538e898569046ea034431ce

Files

e9a68c417965233d6813bb5afa12882bdf7c4afa5538e898569046ea034431ce
.exe windows:5 windows x86 arch:x86

ffe89a49cc0b7b74222ae5cc8ba5ea5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputW
InterlockedIncrement
EnumCalendarInfoW
GetTimeFormatA
GetModuleHandleW
GetTickCount
GetConsoleAliasesLengthA
GetSystemTimes
SetVolumeMountPointA
FormatMessageW
GetStringTypeExW
FindNextVolumeW
GetConsoleAliasW
SetTimeZoneInformation
SetConsoleTitleA
GetConsoleAliasesW
GetStringTypeA
GetThreadLocale
GetProcAddress
BuildCommDCBW
LoadLibraryA
LocalAlloc
SetConsoleOutputCP
GetModuleFileNameA
GetProcessAffinityMask
FreeEnvironmentStringsW
EnumDateFormatsW
CompareStringA
DeleteCriticalSection
DeleteAtom
OpenFileMappingA
LocalFileTimeToFileTime
SetLastError
GetComputerNameA
MultiByteToWideChar
GetLastError
HeapReAlloc
HeapAlloc
Sleep
ExitProcess
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeW
GetLocaleInfoA
RtlUnwind
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
ReadFile
CreateFileA
CloseHandle
GetModuleHandleA

advapi32

RevertToSelf

winhttp

WinHttpAddRequestHeaders

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 610KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tobu
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffe89a49cc0b7b74222ae5cc8ba5ea5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winhttp

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 198KB - Virtual size: 198KB

.data Size: 16KB - Virtual size: 610KB

.tls Size: 14KB - Virtual size: 14KB

.tobu Size: 1024B - Virtual size: 1024B

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 198KB - Virtual size: 198KB

.data
Size: 16KB - Virtual size: 610KB

.tls
Size: 14KB - Virtual size: 14KB

.tobu
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 103KB - Virtual size: 102KB