e6ab75fa0d3a786e3b2598c885b724b0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

e6ab75fa0d3a786e3b2598c885b724b0N.exe
Size

3.2MB
MD5

e6ab75fa0d3a786e3b2598c885b724b0
SHA1

d540e1d2e5d8242554c0e99f48c317d588d90544
SHA256

515adfc11fa7d216328d83a6f84d140e5bacffffed8485128f49144829cfabaf
SHA512

94cdd7c15ab8d2f82cc7230ca39d525dbb57b4f79528269a213d59c8817cf974e75d876174bf09cb77b3a3f1eac6cda09c9fc1e0e7983fa39294c80cef12b7c6
SSDEEP

49152:mli5UXeb6qaDiCi0FZlJVo2iMhXzksODkd+WU/o7T5KS4:sF8tCikJVohXHB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e6ab75fa0d3a786e3b2598c885b724b0N.exe

Files

e6ab75fa0d3a786e3b2598c885b724b0N.exe
.exe windows:6 windows x64 arch:x64

76081510dc0fd5f053c07206e1da29d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Dezvoltare\eureka-editor\build\RelWithDebInfo\eureka.pdb

Imports

opengl32

glPushClientAttrib
glPopClientAttrib
wglShareLists
wglMakeCurrent
wglDeleteContext
wglCreateLayerContext
wglCreateContext
glRasterPos2f
glListBase
glGenLists
glDrawPixels
glDeleteLists
glColor3ub
glCallLists
wglUseFontBitmapsW
glReadBuffer
glRasterPos2i
glGetIntegerv
glCopyPixels
glScissor
glFlush
glDrawBuffer
glVertex3f
glTranslated
glReadPixels
glMatrixMode
glLoadMatrixd
glFrustum
glClearColor
glClear
glTexParameteri
glTexImage2D
glPixelStorei
glGenTextures
glDeleteTextures
glViewport
glVertex2i
glTexCoord2f
glRecti
glPointSize
glOrtho
glLoadIdentity
glLineWidth
glEnd
glEnable
glDisable
glColor3f
glBindTexture
glBegin
glRotated
glAlphaFunc

kernel32

CopyFileW
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
Sleep
GetTickCount
SetCurrentDirectoryW
DeleteFileW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetACP
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetComputerNameA
GetFileAttributesA
ExitProcess
GetProcAddress
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetModuleHandleW
CreateDirectoryW
GetCurrentDirectoryW
FindNextFileW
FindFirstFileW
FindClose
FormatMessageW
LocalFree
GetSystemTime
DeviceIoControl
GetLastError
CloseHandle
GetFullPathNameW
GetFileAttributesExW
CreateFileW
GetLocaleInfoEx
CreateDirectoryExW
GetFileInformationByHandle

user32

GetKeyboardLayout
DestroyIcon
ShowWindow
MessageBoxA
DefWindowProcW
RegisterWindowMessageW
IsWindow
GetDCEx
SetActiveWindow
WindowFromPoint
SetForegroundWindow
FillRect
PostThreadMessageA
GetKeyboardState
GetWindowLongPtrW
CallWindowProcA
SendMessageW
SetRect
SetWindowRgn
MessageBeep
GetSysColor
SystemParametersInfoA
CopyIcon
CreateIconIndirect
LoadIconA
LoadCursorA
GetWindow
GetParent
SetWindowLongA
GetWindowLongA
MapWindowPoints
ClientToScreen
GetCursorPos
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
ValidateRgn
InvalidateRect
GetUpdateRgn
ReleaseDC
GetDC
GetForegroundWindow
GetSystemMetrics
KillTimer
SetTimer
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
GetAsyncKeyState
GetKeyState
SetFocus
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
ChangeClipboardChain
SetClipboardViewer
GetClipboardOwner
CloseClipboard
OpenClipboard
BringWindowToTop
IsIconic
SetWindowPos
OpenIcon
DestroyWindow
CreateWindowExW
PostMessageA
CreateWindowExA
SendMessageA
PeekMessageW
TranslateMessage
RegisterClassExW
RegisterClassExA
PeekMessageA
DispatchMessageW
DefWindowProcA

gdi32

DPtoLP
CreateSolidBrush
CreatePalette
ExtCreateRegion
CreatePen
SetPixel
SelectPalette
TextOutW
GetTextMetricsA
SetTextColor
GetCharacterPlacementW
GetTextExtentPoint32W
GetGlyphOutlineW
CreateFontA
GdiFlush
LPtoDP
CreatePolygonRgn
CreateDIBSection
PlayEnhMetaFile
GetEnhMetaFileHeader
UpdateColors
SetTextAlign
SetDIBitsToDevice
GetStockObject
SetPixelFormat
DescribePixelFormat
SwapBuffers
StretchDIBits
Polyline
PolyPolygon
Pie
Arc
ExtCreatePen
GetDIBits
Polygon
MoveToEx
SelectClipRgn
RectInRegion
LineTo
GetRgnBox
EqualRgn
CreateCompatibleDC
DeleteDC
DeleteObject
RestoreDC
SaveDC
SelectObject
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
CombineRgn
CreateBitmap
CreateRectRgn
GetDeviceCaps
CreateDCA
CreateCompatibleBitmap
BitBlt
RealizePalette
SetBkMode

shell32

DragQueryFileW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteA
SHGetKnownFolderPath

ole32

OleUninitialize
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
CoTaskMemFree
OleInitialize

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyW
RegCloseKey
RegQueryValueExW

msvcp140

?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QEBA_JXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??7ios_base@std@@QEBA_NXZ
?_Xbad_function_call@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Xbad_alloc@std@@YAXXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?fail@ios_base@std@@QEBA_NXZ
?bad@ios_base@std@@QEBA_NXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?exceptions@ios_base@std@@QEAAXH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?eof@ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exception@std@@YA_NXZ
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

comctl32

_TrackMouseEvent

vcruntime140

__std_type_info_compare
strstr
strrchr
longjmp
__C_specific_handler
__current_exception
__current_exception_context
__intrinsic_setjmp
strchr
memmove
memcpy
memcmp
memchr
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
__std_type_info_destroy_list
memset

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
exit
_initialize_onexit_table
_seh_filter_dll
terminate
abort
_register_thread_local_exe_atexit_callback
raise
_cexit
__p___argv
strerror_s
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_c_exit
_wsystem
_initialize_narrow_environment
_errno
_configure_narrow_argv
_set_app_type
_seh_filter_exe
strerror
_crt_at_quick_exit
_crt_atexit
_register_onexit_function
_execute_onexit_table

api-ms-win-crt-string-l1-1-0

isupper
isspace
ispunct
strncmp
islower
isalpha
strcmp
tolower
toupper
isprint
isdigit
strncpy
strcspn
wcsncpy
isxdigit
_strdup
_wcsicmp
isalnum
_stricmp

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free
_set_new_mode
realloc
_callnewh

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
atol
wcstombs
strtol
strtod
atof

api-ms-win-crt-stdio-l1-1-0

setvbuf
fwrite
_fseeki64
fsetpos
fclose
_wfopen
fread
_get_stream_buffer_pointers
fputs
_wsopen_dispatch
__stdio_common_vfprintf
fopen
fseek
_set_fmode
ftell
fgets
ferror
rewind
fflush
fputc
fgetpos
__p__commode
_getcwd
fgetc
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
ungetc

api-ms-win-crt-math-l1-1-0

sin
floorf
floor
cos
ceil
fmod
roundf
hypot
_hypotf
fmax
acos
sqrtf
atan2
pow
tan
log
atan2f
atanf
cosf
tanf
modf
__setusermatherr
ceilf
round
sqrt
frexp
ldexp

api-ms-win-crt-filesystem-l1-1-0

_wchmod
_wunlink
_waccess
_lock_file
_unlock_file
_wrmdir
_wmkdir
remove
_wrename
_wstat64i32

api-ms-win-crt-environment-l1-1-0

getenv
_wgetcwd
_putenv
_wgetenv

api-ms-win-crt-utility-l1-1-0

qsort
bsearch
rand

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64

api-ms-win-crt-process-l1-1-0

_wexecvp

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 487KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76081510dc0fd5f053c07206e1da29d0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

gdi32

shell32

ole32

comdlg32

advapi32

msvcp140

comctl32

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-process-l1-1-0

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 487KB - Virtual size: 487KB

.data Size: 41KB - Virtual size: 161KB

.pdata Size: 107KB - Virtual size: 106KB

.idata Size: 27KB - Virtual size: 27KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 373B

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 487KB - Virtual size: 487KB

.data
Size: 41KB - Virtual size: 161KB

.pdata
Size: 107KB - Virtual size: 106KB

.idata
Size: 27KB - Virtual size: 27KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 373B

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 17KB - Virtual size: 16KB