e5b0ad83b91bbfbddd2ce98d4467cb70N

Sharing

Copy URL Twitter E-mail

General

Target

e5b0ad83b91bbfbddd2ce98d4467cb70N
Size

278KB
MD5

e5b0ad83b91bbfbddd2ce98d4467cb70
SHA1

6dd8fd757a4bff01c39e88b1fd408d2e92ea3245
SHA256

6433acf37ac9d8443108de7f31af4f103d8934f47fadb7eefb07be04a88a8b36
SHA512

01877ec4e234604c821eb3e4e8da73fae8060d53dd7bf59802d4debb77d7dc112a06986f62a163a1781aee514b178134b93a3c37a07a9161711b27529447bedf
SSDEEP

6144:TFVVCwO0KargxyFPPUtdPdUIUrsZq+cC47VHylS:TRCwOSsxyp6x8rsZAx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5b0ad83b91bbfbddd2ce98d4467cb70N

Files

e5b0ad83b91bbfbddd2ce98d4467cb70N
.exe windows:4 windows x86 arch:x86

997b2b74d93ee234ead0d4ba53255509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

rpcrt4

UuidToStringA
RpcStringFreeA

atl

ord23
ord17
ord18
ord57
ord16
ord32
ord30
ord58
ord20

kernel32

lstrcmpiA
GetCommandLineA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
GetCurrentProcess
GetCurrentThread
lstrlenW
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
GetSystemDirectoryA
GetProcAddress
GetComputerNameA
FreeLibrary
ReadFile
InitializeCriticalSection
DeleteCriticalSection
GetLocalTime
OpenFile
DeleteFileA
CreateThread
CloseHandle
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
LocalFree
InterlockedDecrement
InterlockedIncrement
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetCurrentThreadId
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
Sleep
SetUnhandledExceptionFilter
WriteFile
GetFileType
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
IsBadWritePtr
WideCharToMultiByte
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

PostThreadMessageA
CharNextA
KillTimer
DispatchMessageA
GetMessageA
SetTimer
LoadStringA
CharUpperA
MessageBoxA

advapi32

OpenProcessToken
GetTokenInformation
OpenThreadToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA
ControlService
DeleteService
CreateServiceA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetServiceStatus
RegisterServiceCtrlHandlerA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceA
CloseServiceHandle

ole32

CoCreateInstance
CoCreateInstanceEx
CLSIDFromProgID
OleRun
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoGetInterfaceAndReleaseStream
CoInitialize
CoInitializeSecurity
CoCreateGuid
CoInitializeEx

oleaut32

LoadRegTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantInit
SysFreeString
VariantClear
VariantCopy
GetErrorInfo

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.erdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

997b2b74d93ee234ead0d4ba53255509

Headers

File Characteristics

Imports

shell32

rpcrt4

atl

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 16KB - Virtual size: 53KB

.erdata Size: 80KB - Virtual size: 80KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 16KB - Virtual size: 53KB

.erdata
Size: 80KB - Virtual size: 80KB