e99ea92b0e825d6af6489c411c8c2da2aeb715c691507b3e3ff654dbef08d6b2

Sharing

Copy URL Twitter E-mail

General

Target

e99ea92b0e825d6af6489c411c8c2da2aeb715c691507b3e3ff654dbef08d6b2
Size

203KB
MD5

350568ee30ecee2b4ad0c4380ac43c31
SHA1

324179258d2f8f5f00c08b314724555e1357c9e6
SHA256

e99ea92b0e825d6af6489c411c8c2da2aeb715c691507b3e3ff654dbef08d6b2
SHA512

269945aa8f282eb7ecc89ec9b8bc3b334107268146a70fec0e600b6e4d408060725673926d213c6768138a42d75bcf6f9d80acfe815de99db86ec5ca996cdcfc
SSDEEP

6144:9EL1lvsWYuOiMnGNuuF8XcfI2MPO7qhnhF9mD:knksHxyXcfIRhFE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e99ea92b0e825d6af6489c411c8c2da2aeb715c691507b3e3ff654dbef08d6b2

Files

e99ea92b0e825d6af6489c411c8c2da2aeb715c691507b3e3ff654dbef08d6b2
.exe windows:4 windows x86 arch:x86

dec3dee9869bb0d71498fbbf0d597bb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
MoveFileW
GetLogicalDrives
WinExec
SearchPathW
GetACP
GetModuleHandleA
CreateDirectoryW
CompareStringA
GetEnvironmentStringsA
lstrcmpA
ExpandEnvironmentStringsA
SuspendThread
lstrcmpi
GetHandleInformation
lstrcatA
GetStringTypeW
CreateSemaphoreA
GetProcAddress
EnumTimeFormatsA
GetSystemDefaultLCID
GetNamedPipeInfo
GetCurrentThreadId
GetNumberFormatA
IsBadStringPtrA
GetModuleFileNameA

user32

DrawTextW
GetMessageW
OffsetRect
DialogBoxParamA
SendMessageW
CreateDialogIndirectParamW
LoadBitmapA
SetForegroundWindow
GetDlgItem
MonitorFromPoint
FindWindowW
WaitForInputIdle
CreateWindowExA
MoveWindow
SetWindowTextA
CharUpperA
GetDC
UpdateWindow
UnregisterClassA
GetKeyboardType
ShowWindow
GetClassInfoW
RegisterClassExW
CharNextA
CreateWindowExW
IsDlgButtonChecked
mouse_event
PostMessageA
RegisterClassExA
SetCursorPos
GetMenuItemInfoA
wvsprintfA
CharUpperW
GetCursorPos
GetSystemMetrics
CreateDialogParamA
GetIconInfo
ArrangeIconicWindows
DefWindowProcW
GetClassNameW
GetClassInfoExA

gdi32

BitBlt
GetTextMetricsW
CreateMetaFileW
GetEnhMetaFileA
CreateMetaFileA
EnumFontFamiliesExA
ResizePalette
FlattenPath
CreateFontIndirectW
OffsetClipRgn
GetCharABCWidthsI
SetMapperFlags
RestoreDC
TranslateCharsetInfo
SetBrushOrgEx
GetEnhMetaFileDescriptionA
PtInRegion

advapi32

RegQueryValueW
RegSaveKeyW
RegOpenKeyW
RegRestoreKeyW
RegFlushKey
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumValueW
RegCreateKeyExW

shlwapi

PathParseIconLocationW
UrlGetLocationW
PathFileExistsW
AssocQueryStringA
UrlCreateFromPathW
PathUndecorateA
StrCmpNIA
PathIsFileSpecW

Sections

.qtJ
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tc
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VXtI
Size: 3KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.B
Size: 4KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 103KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 4KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dec3dee9869bb0d71498fbbf0d597bb9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.qtJ Size: 11KB - Virtual size: 11KB

.tc Size: 3KB - Virtual size: 48KB

.VXtI Size: 3KB - Virtual size: 205KB

.B Size: 4KB - Virtual size: 235KB

.data Size: 103KB - Virtual size: 418KB

.M Size: 4KB - Virtual size: 479KB

.rsrc Size: 72KB - Virtual size: 71KB

.reloc Size: 1024B - Virtual size: 824B

.qtJ
Size: 11KB - Virtual size: 11KB

.tc
Size: 3KB - Virtual size: 48KB

.VXtI
Size: 3KB - Virtual size: 205KB

.B
Size: 4KB - Virtual size: 235KB

.data
Size: 103KB - Virtual size: 418KB

.M
Size: 4KB - Virtual size: 479KB

.rsrc
Size: 72KB - Virtual size: 71KB

.reloc
Size: 1024B - Virtual size: 824B