e13f8660a04d1c17aa21fd2b757f6afcb6340f62fc5a1db2601e9cc6ba0cb340

Sharing

Copy URL Twitter E-mail

General

Target

e13f8660a04d1c17aa21fd2b757f6afcb6340f62fc5a1db2601e9cc6ba0cb340
Size

810KB
MD5

03620ffeece6f03afbdcf863acf4383a
SHA1

e3a2fc2b6daf12d0cfbbd3352186edf57b60e897
SHA256

e13f8660a04d1c17aa21fd2b757f6afcb6340f62fc5a1db2601e9cc6ba0cb340
SHA512

8584f3689e35e56299df73211f41f0eb6430385cc4f3d8bcca5c7168f32871630ab5ac40bc2f0d5654d785420b37dfb06a32a51616c3f0ee209648ccfbbd6614
SSDEEP

24576:x5vRVC8OJnRJ6eclY0XYxCS+iUYwXqh9Ionn49k:x7VC8Yn0YKYcOvh9Ionnk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13f8660a04d1c17aa21fd2b757f6afcb6340f62fc5a1db2601e9cc6ba0cb340

Files

e13f8660a04d1c17aa21fd2b757f6afcb6340f62fc5a1db2601e9cc6ba0cb340
.exe windows:6 windows x64 arch:x64

90be6b541e76fe3869ea5ede25908687

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
WaitForMultipleObjects
lstrcpyW
SetEndOfFile
WriteConsoleW
HeapReAlloc
HeapSize
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GlobalAlloc
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileSizeEx
GetConsoleOutputCP
FlushFileBuffers
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
QueryPerformanceCounter
FreeLibrary
QueryPerformanceFrequency
MultiByteToWideChar
GetProcAddress
FlsAlloc
HeapFree
HeapAlloc
CloseHandle
LoadLibraryA
CreateEventW
GetModuleHandleA
GetOEMCP
WaitForSingleObject
GetFileType
ReadConsoleW
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
GetLastError
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
SetFilePointerEx

user32

GetCursorPos
SetCursorPos
ReleaseCapture
IsWindowUnicode
GetClientRect
DefWindowProcW
DestroyWindow
CreateWindowExW
UnregisterClassW
ShowWindow
DispatchMessageW
PeekMessageW
RegisterClassW
TranslateMessage
PostQuitMessage
UpdateWindow
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor

d3dcompiler_47

D3DCompile

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionFontW
ImmSetCandidateWindow

d3d12

ord101

dxgi

CreateDXGIFactory1

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90be6b541e76fe3869ea5ede25908687

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dcompiler_47

imm32

d3d12

dxgi

Sections

.text Size: 585KB - Virtual size: 584KB

.rdata Size: 179KB - Virtual size: 178KB

.data Size: 20KB - Virtual size: 42KB

.pdata Size: 20KB - Virtual size: 20KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 585KB - Virtual size: 584KB

.rdata
Size: 179KB - Virtual size: 178KB

.data
Size: 20KB - Virtual size: 42KB

.pdata
Size: 20KB - Virtual size: 20KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 2KB - Virtual size: 2KB