e7003b074e8fe07dbe432bf40dafb66bf03d9f2896cae22cd10637943b087b11

Sharing

Copy URL Twitter E-mail

General

Target

e7003b074e8fe07dbe432bf40dafb66bf03d9f2896cae22cd10637943b087b11
Size

2.4MB
MD5

20f43c47c594863e142023709d9a2216
SHA1

980ef68a535b5539c40577c92d679e53099cbbdd
SHA256

e7003b074e8fe07dbe432bf40dafb66bf03d9f2896cae22cd10637943b087b11
SHA512

e3be392c3623e0fc7e4bddc9805876f5ce9dee546c5f7ae7113209e7736cab75eb37bbaafc4f75c2f52c9ccae9444ca4c4b6ab36588efefad0abca9e88fd97fe
SSDEEP

49152:Ki/Od/rKIqm97j12hGvXdNwI8MNtSx0meDshpV16UNsCtQ:O/r8sfMhG/rOedUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7003b074e8fe07dbe432bf40dafb66bf03d9f2896cae22cd10637943b087b11

Files

e7003b074e8fe07dbe432bf40dafb66bf03d9f2896cae22cd10637943b087b11
.dll windows:5 windows x86 arch:x86

62c490b791d12dd3699b3dc2c220ee29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mprapi

MprConfigInterfaceEnum
MprAdminIsServiceRunning

user32

TileWindows
SetTimer

shlwapi

StrChrIA
StrChrIW
SHSetValueA

gdi32

Pie
Ellipse

netapi32

NetSessionDel

rpcrt4

NdrGetUserMarshalInfo
UuidEqual

oleaut32

SysStringLen

kernel32

GetModuleFileNameA
GetFileTime
GetModuleHandleW
GlobalMemoryStatus
GetProcessTimes
SetDllDirectoryW
GetModuleHandleExW

Exports

Exports

EenohaaieciOoossuenh

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 4KB - Virtual size: 498B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fWps
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

X
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m7U|F
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LlZkfrt
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62c490b791d12dd3699b3dc2c220ee29

Headers

File Characteristics

Imports

mprapi

user32

shlwapi

gdi32

netapi32

rpcrt4

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.CRT Size: 4KB - Virtual size: 498B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 52KB - Virtual size: 54KB

.crt0 Size: 40KB - Virtual size: 36KB

fWps Size: 64KB - Virtual size: 61KB

X Size: 260KB - Virtual size: 256KB

m7U|F Size: 1.8MB - Virtual size: 1.8MB

LlZkfrt Size: 100KB - Virtual size: 97KB

.rsrc Size: 4KB - Virtual size: 1008B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 12KB - Virtual size: 8KB

.CRT
Size: 4KB - Virtual size: 498B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 52KB - Virtual size: 54KB

.crt0
Size: 40KB - Virtual size: 36KB

fWps
Size: 64KB - Virtual size: 61KB

X
Size: 260KB - Virtual size: 256KB

m7U|F
Size: 1.8MB - Virtual size: 1.8MB

LlZkfrt
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 20KB - Virtual size: 19KB