e1f60b891005dfd0f6738444406c8e57d644cc3ce0154f8d17454c886637dfbd

Sharing

Copy URL Twitter E-mail

General

Target

e1f60b891005dfd0f6738444406c8e57d644cc3ce0154f8d17454c886637dfbd
Size

148KB
MD5

8b0137c27630238d4484e09614e34a6b
SHA1

38cd7b650d6cfa3b3bbdd77462bc77cec81c3e7b
SHA256

e1f60b891005dfd0f6738444406c8e57d644cc3ce0154f8d17454c886637dfbd
SHA512

8b50aff28fbaca4715139c56c91d3b6361661870d1c36c14495e9786d324cb7ee528fcd6cade38fc07fd305d503910d9099515b384155685139e4a8897bf9899
SSDEEP

3072:RqbvYIHbDHrItpY6QV76ei4cIIZxFtZRrqKWY/svbIbm18Mq:cbvYIL4pY3hi4cLZG8RM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f60b891005dfd0f6738444406c8e57d644cc3ce0154f8d17454c886637dfbd

Files

e1f60b891005dfd0f6738444406c8e57d644cc3ce0154f8d17454c886637dfbd
.exe windows:6 windows x86 arch:x86

fe0f3a59ae2294c4975f5eca0d194084

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardType
GetCursorPos
GetMenuItemRect
GetFocus
BeginDeferWindowPos

rpcrt4

I_RpcServerSetAddressChangeFn

wininet

InternetOpenUrlW

gdi32

PaintRgn
SetBitmapDimensionEx

kernel32

ReadFile
CancelSynchronousIo
GetCommandLineA
GetSystemTimeAsFileTime
IsProcessInJob
GlobalAlloc
GetTapeStatus
TlsFree
GetLastError
GetTickCount

oleaut32

VarCyFromI1

Sections

.crt
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WET_J
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

43B
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe0f3a59ae2294c4975f5eca0d194084

Headers

DLL Characteristics

File Characteristics

Imports

user32

rpcrt4

wininet

gdi32

kernel32

oleaut32

Sections

.crt Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.text Size: 4KB - Virtual size: 182B

WET_J Size: 36KB - Virtual size: 34KB

43B Size: 28KB - Virtual size: 24KB

CODE Size: 20KB - Virtual size: 16KB

o Size: 28KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 456B

.crt
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 182B

WET_J
Size: 36KB - Virtual size: 34KB

43B
Size: 28KB - Virtual size: 24KB

CODE
Size: 20KB - Virtual size: 16KB

o
Size: 28KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 456B