b966d1a5547a5fcad01500ac2a1b6bf366c9cd34db75af434c3ad8bd1d56dc24

Sharing

Copy URL Twitter E-mail

General

Target

b966d1a5547a5fcad01500ac2a1b6bf366c9cd34db75af434c3ad8bd1d56dc24
Size

7.1MB
MD5

33dc9309399a11dc263d2d3c0da7dcb4
SHA1

4ab7badef495e9206d09e86c8959fbcac9294f12
SHA256

b966d1a5547a5fcad01500ac2a1b6bf366c9cd34db75af434c3ad8bd1d56dc24
SHA512

0ecc94fb292c893cc7a468683125a8384373c7c4df6595a5fad3b5d3b801bdf1ad2b67673caefdda96cffb666d8e30ad4482a5ffd2ac09ba6de45d7049799028
SSDEEP

196608:f+d7f8qfSbpMJWOlW+lWBxJJ2keTenkUss4:Wd7f8+E+tl7lwxH2k/kUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b966d1a5547a5fcad01500ac2a1b6bf366c9cd34db75af434c3ad8bd1d56dc24

Files

b966d1a5547a5fcad01500ac2a1b6bf366c9cd34db75af434c3ad8bd1d56dc24
.exe windows:4 windows x86 arch:x86

b4354109c1dd8dd511b6de27b2641f38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

ioctlsocket

rasapi32

RasHangUpA

kernel32

GetCurrentProcess

user32

GetKeyState

gdi32

LineTo

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CoGetClassObject

oleaut32

SysAllocStringLen

comctl32

ImageList_GetIcon

oledlg

ord8

wininet

InternetCanonicalizeUrlA

wldap32

ord29

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

.text
Size: 6.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4354109c1dd8dd511b6de27b2641f38

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

wldap32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 6.0MB - Virtual size: 8.0MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 6.0MB - Virtual size: 8.0MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB