Static task: static1
Behavioral task: behavioral1
Sample: e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c.exe
Resource: win10v2004-20240611-en
General
Target: e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c
Size: 677KB
MD5: e5c18dd3003f3146670e1a0d0c7317c0
SHA1: 76eb5695d6a33b6c153076872b55e805739ca000
SHA256: e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c
SHA512: c17ab69ae19e9a2c2622d115eab7b7645549619cf5bf171c888065678eb9e35c66914db82437ec3e3a3aef466d5556d424a1ea94abfd02fb0bdb9dfb004e048d
SSDEEP: 12288:azVlP/3tAZSVZ6LEvFgut0vakieq25TNMdaSBs8tew8dYWQjzMxIbG/Fy/nWfNq9:aZlP1HULEsakievJNMddtFNzFbPvgNq9
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c
Files
e6e7eddbc5caaae85b40d6cf4ee7a9fafa1d20d6a56a8f23426818337b1c827c.exe windows:6 windows x86 arch:x86
e3c734d3a3846e0048d817b5269ec195
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceW
DecodePointer
RaiseException
InitializeCriticalSectionEx
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
CreateFileW
FlushFileBuffers
ReadFile
SetEndOfFile
SizeofResource
WriteFile
SetFileTime
LCMapStringW
LockResource
LoadResource
GetModuleHandleW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
CloseHandle
GetFileSizeEx
DeleteFileW
Sleep
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesW
GetTempPathW
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
LocalFree
GetModuleFileNameW
GetStringTypeW
GetCurrentProcess
SetFilePointerEx
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
RtlUnwind
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetCommandLineA
GetCommandLineW
GetStdHandle
ExitProcess
GetModuleHandleExW
GetConsoleMode
ReadConsoleW
GetFileType
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteConsoleW
advapi32
GetSecurityDescriptorGroup
GetNamedSecurityInfoW
RegCloseKey
SetSecurityDescriptorDacl
MakeSelfRelativeSD
MakeAbsoluteSD
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
GetAce
CopySid
AddAce
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
crypt32
CryptMsgGetAndVerifySigner
CertNameToStrW
CryptQueryObject
CertFreeCertificateContext
CryptMsgClose
wintrust
WinVerifyTrust
rpcrt4
UuidCreate
Sections
.text Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 463KB - Virtual size: 463KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ