e433263dc9392afab1d2e5113a21078c70c2642af4cec51d493e57ce6796ddfb

Sharing

Copy URL Twitter E-mail

General

Target

e433263dc9392afab1d2e5113a21078c70c2642af4cec51d493e57ce6796ddfb
Size

220KB
MD5

f22939ce61308c6b66e0e605bed242d9
SHA1

c73be09b2c2b56f6a7948660452c644c3c61f8a0
SHA256

e433263dc9392afab1d2e5113a21078c70c2642af4cec51d493e57ce6796ddfb
SHA512

9dfae3f95d0380bd08204e655781a4ef7af2e393f5dc2d71ac51777b8c40a54c11fa3a6392f97043958e45863fd33473af79363157dbed31e6a6b4a247c94bf6
SSDEEP

3072:Kvj3ZybEylV/wO/tR1Br24LmbXxW3wRmkH5Sr4zGP6GbcPABweibpmQ/EUCHh6:KTZybEMB1wBbMlkZSz0qwpbBCh6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e433263dc9392afab1d2e5113a21078c70c2642af4cec51d493e57ce6796ddfb

Files

e433263dc9392afab1d2e5113a21078c70c2642af4cec51d493e57ce6796ddfb
.exe windows:4 windows x86 arch:x86

0e16eb5feb4ba22162a31e23f0291940

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
IsWindow
ReleaseDC
PrintWindow
GetDC
GetWindowRect
GetInputState
MsgWaitForMultipleObjects
SendMessageA

kernel32

SetStdHandle
LCMapStringW
CreateWaitableTimerA
SetWaitableTimer
CloseHandle
RtlMoveMemory
GetExitCodeThread
GetProcessHeap
GetModuleHandleA
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
FlushFileBuffers
ExitProcess
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetFilePointer

gdi32

GetObjectA
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

oleaut32

VariantTimeToSystemTime

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e16eb5feb4ba22162a31e23f0291940

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

oleaut32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 144KB - Virtual size: 152KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 144KB - Virtual size: 152KB

.rsrc
Size: 12KB - Virtual size: 10KB