e99d4aed88eea5ac6cea13542323a8e32c1258ef1e1e7ccd3c1b7cf89f39292d

Sharing

Copy URL Twitter E-mail

General

Target

e99d4aed88eea5ac6cea13542323a8e32c1258ef1e1e7ccd3c1b7cf89f39292d
Size

2.7MB
MD5

c6cdff6690d5247fac7a56d13329ecc1
SHA1

d9914fe4d883d7fd7f4371284a78fd24b5356a36
SHA256

e99d4aed88eea5ac6cea13542323a8e32c1258ef1e1e7ccd3c1b7cf89f39292d
SHA512

babb17ae2bbe8640917156836d84bc5d7d1483caebc4ce3ddc7cb4484e01e66f50f7f0d9ee8d0d584cfc18772d68a1d4eab023b7198af621f06aa7d0c5e20569
SSDEEP

49152:1hqNlQ4HvDyVObPOFiEvctnpdg5soq46FTfMILr8u95okPcQ+iXbvCiSyC2sY:1hV4HvDyVxDctglvWF8IoI+iX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e99d4aed88eea5ac6cea13542323a8e32c1258ef1e1e7ccd3c1b7cf89f39292d

Files

e99d4aed88eea5ac6cea13542323a8e32c1258ef1e1e7ccd3c1b7cf89f39292d
.dll windows:5 windows x86 arch:x86

883c63639499e8291e7b8d554ffa2ef7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathA

rpcrt4

I_RpcBindingIsClientLocal
I_RpcFreeBuffer

netapi32

NetGroupAdd

kernel32

GetModuleFileNameW
OutputDebugStringA
GetUserDefaultLangID
DeleteCriticalSection
GenerateConsoleCtrlEvent
GetConsoleOutputCP
DisconnectNamedPipe
GetNativeSystemInfo
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetOEMCP

ole32

ReleaseStgMedium

advapi32

OpenSCManagerA

wininet

InternetGetConnectedStateExW

gdi32

DescribePixelFormat
ExtEscape
EqualRgn
GetStockObject

oleaut32

LPSAFEARRAY_UserMarshal
CreateErrorInfo

user32

ToUnicode
DragDetect
UpdateWindow
GetShellWindow
SetMenuItemInfoA
GetTopWindow

crypt32

CryptEncryptMessage

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

883c63639499e8291e7b8d554ffa2ef7

Headers

DLL Characteristics

File Characteristics

Imports

shell32

rpcrt4

netapi32

kernel32

ole32

advapi32

wininet

gdi32

oleaut32

user32

crypt32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 48KB - Virtual size: 45KB

.code Size: 44KB - Virtual size: 44KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 24KB - Virtual size: 22KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 48KB - Virtual size: 45KB

.code
Size: 44KB - Virtual size: 44KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 24KB - Virtual size: 22KB