5cb70499ca94408d321ab9b7a0a4c05cfc08f753fa9a2e8e4f68a6d705af4a94

Sharing

Copy URL Twitter E-mail

General

Target

5cb70499ca94408d321ab9b7a0a4c05cfc08f753fa9a2e8e4f68a6d705af4a94
Size

15.5MB
MD5

87b1aadc88b3e460b26739cae931c702
SHA1

56b4aea4bf9868c2f5a225a21631c705aeab869e
SHA256

5cb70499ca94408d321ab9b7a0a4c05cfc08f753fa9a2e8e4f68a6d705af4a94
SHA512

8567d53c47081016d9317f6d1df8b5f9f43af5a2a46fbc85fb863d3888d5d80eb3138c210cd31777d612f23640c107c0248a2deddc719477ac43c8dabbf99089
SSDEEP

393216:oiTfvQfPhu4IJhTR7U89s9SxX5V4ldvVTvDlFSKR:oiTEpu4IJhTR7W9SxQZvDmK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb70499ca94408d321ab9b7a0a4c05cfc08f753fa9a2e8e4f68a6d705af4a94

Files

5cb70499ca94408d321ab9b7a0a4c05cfc08f753fa9a2e8e4f68a6d705af4a94
.exe windows:5 windows x86 arch:x86

407e7b7aa732152cee63dab5ff4ba9d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

socket

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

rasapi32

RasHangUpA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetMenuItemBitmaps
CharUpperBuffW

gdi32

GetStretchBltMode

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegEnumValueA

shell32

SHGetMalloc

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ImageList_Create

wldap32

ord29

wsock32

shutdown

wininet

InternetCloseHandle

Exports

Exports

e2ee_CacheClear
e2ee_CacheDecr
e2ee_CacheDelete
e2ee_CacheExists
e2ee_CacheGet
e2ee_CacheGetMulti
e2ee_CacheGetMultiText
e2ee_CacheGetText
e2ee_CacheIncr
e2ee_CacheSet
e2ee_CacheSetExpire
e2ee_CacheSetText

Sections

T-VMP
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 13.3MB - Virtual size: 13.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

407e7b7aa732152cee63dab5ff4ba9d3

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

wsock32

wininet

Exports

Exports

Sections

T-VMP Size: - Virtual size: 1.9MB

T-VMP Size: - Virtual size: 34KB

T-VMP Size: - Virtual size: 5.2MB

T-VMP Size: - Virtual size: 1.6MB

T-VMP Size: - Virtual size: 1KB

T-VMP Size: - Virtual size: 22KB

T-VMP Size: - Virtual size: 7.1MB

T-VMP Size: 4KB - Virtual size: 3KB

T-VMP Size: 13.3MB - Virtual size: 13.3MB

T-VMP Size: 8KB - Virtual size: 7KB

T-VMP Size: 1.7MB - Virtual size: 1.7MB

T-VMP Size: 4KB - Virtual size: 4KB

T-VMP Size: 552KB - Virtual size: 550KB

T-VMP Size: 8KB - Virtual size: 7KB

T-VMP
Size: - Virtual size: 1.9MB

T-VMP
Size: - Virtual size: 34KB

T-VMP
Size: - Virtual size: 5.2MB

T-VMP
Size: - Virtual size: 1.6MB

T-VMP
Size: - Virtual size: 1KB

T-VMP
Size: - Virtual size: 22KB

T-VMP
Size: - Virtual size: 7.1MB

T-VMP
Size: 4KB - Virtual size: 3KB

T-VMP
Size: 13.3MB - Virtual size: 13.3MB

T-VMP
Size: 8KB - Virtual size: 7KB

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

T-VMP
Size: 4KB - Virtual size: 4KB

T-VMP
Size: 552KB - Virtual size: 550KB

T-VMP
Size: 8KB - Virtual size: 7KB