ec48edc421513101d04fcf633e97206e929d247b91c74d3a8f49c0d10cc96534

Sharing

Copy URL Twitter E-mail

General

Target

ec48edc421513101d04fcf633e97206e929d247b91c74d3a8f49c0d10cc96534
Size

132KB
MD5

0d85bd6ad04ca215a2eb694d739229a6
SHA1

6953a9ef354590f3debdd3230f7e30eee9b2a30d
SHA256

ec48edc421513101d04fcf633e97206e929d247b91c74d3a8f49c0d10cc96534
SHA512

1cbf4dd5f9c14578e93ede7a0ccb05b904aa9349b198854a5a1e46188df885d0d391603e3acbfa4446bbec41771f95883d56e3df6e9f6eced7413b06cfa3d377
SSDEEP

1536:Urj3Inl21aZSV4q+4k4NEUUfS8PeacXanrALaExOpTzwewaG0o8ZqS2:OIl9Q4q+4zNEfSCbrC5OpTzIaG0o8Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec48edc421513101d04fcf633e97206e929d247b91c74d3a8f49c0d10cc96534

Files

ec48edc421513101d04fcf633e97206e929d247b91c74d3a8f49c0d10cc96534
.exe windows:4 windows x86 arch:x86

e493342e63990ffae98724d93fa88e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
mciSendCommandA

ddraw

DirectDrawCreateEx

kernel32

GetModuleFileNameA
GetTickCount
GetFileSize
lstrcpyA
GetDriveTypeA
GlobalUnlock
LoadLibraryA
SetEndOfFile
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
HeapSize
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapReAlloc
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
DeleteFileA
GetLastError
RtlUnwind
HeapDestroy
VirtualFree
GlobalFree
GlobalAlloc
GlobalLock
ReadFile
SetFilePointer
HeapCreate
CreateFileA
CloseHandle
VirtualAlloc
SetStdHandle
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr

user32

SetTimer
KillTimer
SetCursor
PostQuitMessage
PostMessageA
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
CreateWindowExA
ShowWindow
UpdateWindow
LoadStringA
MessageBoxA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
WaitMessage
FindWindowA
SendMessageA
CopyRect
IntersectRect
OffsetRect
GetClientRect
ClientToScreen
GetSystemMetrics
SetRect

gdi32

StretchDIBits
SetStretchBltMode

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

binkw32

_BinkNextFrame@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkWait@4
_BinkDoFrame@4
_BinkCopyToBuffer@28
_BinkDDSurfaceType@4
_BinkOpen@8
_BinkGoto@12
_BinkClose@4

dsound

ord1

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e493342e63990ffae98724d93fa88e95

Headers

File Characteristics

Imports

winmm

ddraw

kernel32

user32

gdi32

advapi32

binkw32

dsound

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 8KB - Virtual size: 4KB