eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4.exe
Size

363KB
MD5

2a862d97cc67da2511680862033b5228
SHA1

2a7e8253a766bb23ab0659f45e1a15c1b914238b
SHA256

eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4
SHA512

796e14839a523210cf3518b9905b6d28b69c7a6a1f0870ddef6cef8efd1422ac923a961913ab6b1a61b69e28bf46a29c2a5f0096d331d08ac40be206f1c70036
SSDEEP

6144:iq8vMRj++osNEKDuiIsyW1+1W2zHRtnnY9JVwcq3Uv1pAOz3wxd3GN1l:l8b+Hg7satRtY9vWMpRwNk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4.exe

Files

eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4.exe
.exe windows:5 windows x86 arch:x86

4a86d6bd6da9a8dd32c68e84b5f90647

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
WriteConsoleW
FindClose
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
SetFilePointerEx
GetConsoleCP
HeapSize
SetEndOfFile
lstrlenW
WaitForSingleObject
CloseHandle
WriteFile
CreateFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileW
GetTempFileNameW
GetTempPathW
ExitProcess
MulDiv
GetLastError
CreateMutexW
Sleep
FlushFileBuffers
HeapAlloc
HeapFree
ReadConsoleW
GetConsoleMode
ReadFile
GetACP
GetStdHandle
GetModuleHandleExW
ExitThread
RaiseException
RtlUnwind
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
WaitForSingleObjectEx
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateTimerQueue
SetEvent
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW

user32

GetMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
RegisterClassW
GetSystemMetrics
MoveWindow
ShowWindow
UpdateWindow
CreateWindowExW
SetLayeredWindowAttributes
GetClientRect
GetDC
ReleaseDC
DefWindowProcW
DestroyWindow
PostQuitMessage
GetKeyState
SetCapture
ReleaseCapture
MessageBoxW
LoadIconW
RegisterClassExW
SetTimer
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard

gdi32

DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
TextOutW
SetTextColor
SetBkMode
CreateFontW
GetDeviceCaps
Rectangle
CreatePen
SelectObject
CreateSolidBrush
GetStockObject

advapi32

RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteExW
Shell_NotifyIconW

gdiplus

GdipCloneImage
GdipSaveImageToFile
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdiplusStartup
GdipGetImageEncoders
GdipDisposeImage

wininet

HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a86d6bd6da9a8dd32c68e84b5f90647

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

gdiplus

wininet

Sections

.text Size: 231KB - Virtual size: 231KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 9KB - Virtual size: 13KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 231KB - Virtual size: 231KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 9KB - Virtual size: 13KB

.rsrc
Size: 36KB - Virtual size: 36KB