e8878f951bd38a641fcdc906bca3a087079683b5e2bf3eee6d26c5becf36b6f7

Sharing

Copy URL Twitter E-mail

General

Target

e8878f951bd38a641fcdc906bca3a087079683b5e2bf3eee6d26c5becf36b6f7
Size

2.0MB
MD5

508ccdf9d43ad401513c949efb0ff68a
SHA1

aee41378a57082bf236fdac923b15d89fe77ee91
SHA256

e8878f951bd38a641fcdc906bca3a087079683b5e2bf3eee6d26c5becf36b6f7
SHA512

fe2eb9ae28d139cdea7cc4cb7bd8dd240708c1013691b20a4057af15961e05b21e47dcb54a2e2908e21ade9eb7306095f0a33c313aa34c9651ec38849a1efe85
SSDEEP

49152:W6+bch5KDiXet0Dep+NWyU8CkyNAANZxucHOqKnFWnE7Z:WNcKDiXet0Dep+4yUdkyNAANHSqKnMnK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8878f951bd38a641fcdc906bca3a087079683b5e2bf3eee6d26c5becf36b6f7

Files

e8878f951bd38a641fcdc906bca3a087079683b5e2bf3eee6d26c5becf36b6f7
.dll windows:5 windows x86 arch:x86

713eeeaf9362a97d353436f7eb5e726b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CryptQueryObject
CertNameToStrW

kernel32

CompareStringW
CompareStringA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetVolumeNameForVolumeMountPointW
LeaveCriticalSection
CreateSemaphoreW
GetShortPathNameA
GetWindowsDirectoryA
QueryPerformanceCounter
GetSystemDefaultUILanguage
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
DuplicateHandle
GlobalDeleteAtom
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
OutputDebugStringA
GetModuleFileNameW
GetModuleHandleA
EnumResourceLanguagesW
GlobalMemoryStatusEx
GetEnvironmentStringsW
CreatePipe
GetLocaleInfoW
HeapSize
GetCommandLineA
CloseHandle
CreateFileA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
VirtualAlloc
HeapReAlloc
HeapAlloc
ReadFile
VirtualFree
HeapDestroy
HeapCreate
GetModuleFileNameA
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
Sleep
HeapFree
GetModuleHandleW
GetProcAddress
ExitProcess
SetFilePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetStdHandle
SetEnvironmentVariableA

urlmon

CreateAsyncBindCtxEx
CoInternetQueryInfo

advapi32

GetSecurityDescriptorControl
SaferSetPolicyInformation
NotifyBootConfigStatus
SaferCreateLevel

wininet

InternetGetCookieW

winscard

SCardConnectW

rasapi32

RasEnumConnectionsW

opengl32

glOrtho

setupapi

SetupDiEnumDeviceInfo

esent

JetSetIndexRange

ole32

CoWaitForMultipleHandles
CoResumeClassObjects

shlwapi

StrFormatKBSizeA

gdi32

SetViewportOrgEx
PolyTextOutA
Polyline
GetKerningPairsA
PlgBlt
TranslateCharsetInfo

shell32

ExtractAssociatedIconW
ShellExecuteExW
Shell_NotifyIconA
SHGetFileInfoW
ExtractAssociatedIconExW

winmm

mmioGetInfo
waveOutGetDevCapsW
waveInGetID

mprapi

MprInfoBlockSet

user32

SendNotifyMessageA
SetRect
FindWindowExW
CreateIcon
SetMenuItemInfoW
SetCursorPos
PtInRect

rpcrt4

UuidCreateNil

lz32

GetExpandedNameW

Exports

Exports

EhckewmiraarldeQnd

Sections

.text
Size: 904KB - Virtual size: 900KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 884KB - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

713eeeaf9362a97d353436f7eb5e726b

Headers

File Characteristics

Imports

crypt32

kernel32

urlmon

advapi32

wininet

winscard

rasapi32

opengl32

setupapi

esent

ole32

shlwapi

gdi32

shell32

winmm

mprapi

user32

rpcrt4

lz32

Exports

Exports

Sections

.text Size: 904KB - Virtual size: 900KB

.qdata Size: 884KB - Virtual size: 881KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 152KB - Virtual size: 159KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 32KB - Virtual size: 30KB

.text
Size: 904KB - Virtual size: 900KB

.qdata
Size: 884KB - Virtual size: 881KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 152KB - Virtual size: 159KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 32KB - Virtual size: 30KB