e9e8c1fc6eb0493ccafa4bd8362662e9dcc1de1191c4e2a348f1283a367f0f41

Sharing

Copy URL

Twitter E-mail

General

Target

e9e8c1fc6eb0493ccafa4bd8362662e9dcc1de1191c4e2a348f1283a367f0f41
Size

461KB
MD5

5e15f4f0710928ceb2445a10aaa48e9a
SHA1

6d737a3936b878bbd28020326e39c14c4b120003
SHA256

e9e8c1fc6eb0493ccafa4bd8362662e9dcc1de1191c4e2a348f1283a367f0f41
SHA512

416d8abdafbcf11d9a42592a853db81eecc14ddca97b5966c4e13cd5130acc25633b7bb95f580790c1063db733bbe61ca2eeed9781fcef960a3853f084a26757
SSDEEP

6144:O3CDRM9sIkrdnvCgUmCeyCQOEHoXwOK0VEppAcpSK8QGS4mBgESFX0A7:Gf9HmdvCKCepXC50VEpG8NnJgE8X04

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9e8c1fc6eb0493ccafa4bd8362662e9dcc1de1191c4e2a348f1283a367f0f41

Files

e9e8c1fc6eb0493ccafa4bd8362662e9dcc1de1191c4e2a348f1283a367f0f41
.exe windows:6 windows x86 arch:x86

616765ca1e3c367f5f3771d38d13b610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
GetLocaleInfoEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
EnumSystemLocalesEx
LoadLibraryW
OutputDebugStringW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
WriteConsoleW
SetStdHandle
GetStringTypeW
CreateFileW
SetEnvironmentVariableA
SetEndOfFile
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
GetStdHandle
HeapSize
SetConsoleCursorPosition
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
GetLastError
AreFileApisANSI
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
ReadFile
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
GetCommandLineA
MoveFileExW
HeapFree
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
SetFilePointer
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
FatalAppExitA
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DeleteFileW
RtlUnwind
ReadConsoleW
SetFilePointerEx
CloseHandle
GetModuleFileNameW
InterlockedExchange
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetModuleFileNameA
SetConsoleMode

rtm

RtmBlockConvertRoutesToStatic
RtmIsRoute
MgmRegisterMProtocol

user32

GetDC
DestroyIcon
GetKeyboardLayoutNameA
EnableWindow
CharUpperA
UserHandleGrantAccess
InSendMessage
GrayStringW

oleaut32

VarR4FromBool
VarCyMul
VarI1FromUI1
VarI4FromR4

setupapi

SetupFindFirstLineW
SetupQueueDeleteW
SetupDiGetDeviceInfoListDetailA
SetupInstallFileExW
SetupAddInstallSectionToDiskSpaceListW

imm32

ImmDisableIME
ImmGetDescriptionW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetCompositionWindow
ImmSetOpenStatus
ImmGetConversionStatus
ImmGetIMCCSize
ImmGetCompositionStringA
ImmGetGuideLineW

mscms

CreateProfileFromLogColorSpaceW
GetPS2ColorSpaceArray
GetColorProfileFromHandle
UninstallColorProfileA
GetColorDirectoryW
TranslateColors

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616765ca1e3c367f5f3771d38d13b610

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rtm

user32

oleaut32

setupapi

imm32

mscms

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 11KB - Virtual size: 10KB