bb176bc0533489e10957bad0d671a748b4b5b05c7cf82e1b86b4e2acd5823356

Sharing

Copy URL Twitter E-mail

General

Target

bb176bc0533489e10957bad0d671a748b4b5b05c7cf82e1b86b4e2acd5823356
Size

13.8MB
MD5

09d873940c595aa2ae84a3a1b2740085
SHA1

3c0dc2f2930f04c47d689adb50fe63415dc876a0
SHA256

bb176bc0533489e10957bad0d671a748b4b5b05c7cf82e1b86b4e2acd5823356
SHA512

e64bc2e95474f409426aeff3aa778f5e62913e6dae92820ba524e68cf3039a0605253b179f427130ac6896b72c1daf9a9a7090082dadc7678229d37de4893946
SSDEEP

393216:ezFZOqfp4C4qqEZra8+SZQ6N64rOpLgJ:epYo42qt8lZ1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb176bc0533489e10957bad0d671a748b4b5b05c7cf82e1b86b4e2acd5823356

Files

bb176bc0533489e10957bad0d671a748b4b5b05c7cf82e1b86b4e2acd5823356
.exe windows:5 windows x86 arch:x86

cafefe50e03af782f4d4c6617a1dd5a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutWrite

ws2_32

htons

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

DeleteMenu
CharUpperBuffW

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantCopyInd

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e.3
Size: - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.v[Q
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2k]
Size: 13.8MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cafefe50e03af782f4d4c6617a1dd5a7

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 593KB

.data Size: - Virtual size: 1.3MB

.e.3 Size: - Virtual size: 9.9MB

.v[Q Size: 4KB - Virtual size: 2KB

.2k] Size: 13.8MB - Virtual size: 13.8MB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 593KB

.data
Size: - Virtual size: 1.3MB

.e.3
Size: - Virtual size: 9.9MB

.v[Q
Size: 4KB - Virtual size: 2KB

.2k]
Size: 13.8MB - Virtual size: 13.8MB

.rsrc
Size: 8KB - Virtual size: 4KB