ec95c30c909740df54da4a9e9aac97010207ed26485a5299553447880b3399a7

Sharing

Copy URL

Twitter E-mail

General

Target

ec95c30c909740df54da4a9e9aac97010207ed26485a5299553447880b3399a7
Size

218KB
MD5

0066d71843d36a1fd1141ec209e716a1
SHA1

ea1ef7dc9e22c23ef4dcf85dcb484a6a9b2f5791
SHA256

ec95c30c909740df54da4a9e9aac97010207ed26485a5299553447880b3399a7
SHA512

caaa3aa5bec684886c062ecf41f6104a8633af0c1ff3ed7ff167b262ea42257a82909fe395a18ef8021eeeb27677f9876baa643c49a1d7c913641fabf65b5aee
SSDEEP

6144:KEQBDdO1z7L/EIhZDE9oLfFWlMZT7+DGaMwIC:KEGDdQNHEwWlMxYG/wI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec95c30c909740df54da4a9e9aac97010207ed26485a5299553447880b3399a7

Files

ec95c30c909740df54da4a9e9aac97010207ed26485a5299553447880b3399a7
.exe windows:4 windows x86 arch:x86

2e5df9fb7e893bd2efa286b6326edce6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
EnumCalendarInfoA
DisconnectNamedPipe
MoveFileA
lstrcpyn
GetCommandLineA
GetSystemDirectoryW
GetEnvironmentVariableA
IsBadStringPtrA
FindAtomW
ReadDirectoryChangesW
GetFullPathNameW
GetFileAttributesA
ExitThread
LoadLibraryA
lstrlenA
lstrlen
FindResourceA
FindResourceW
GetTempPathW
GetFullPathNameA
OpenMutexW
SearchPathW
GetProcAddress
EnumTimeFormatsW
GetLocaleInfoW
EnumTimeFormatsA
GetCPInfo
OpenMutexA
GetThreadPriority
LoadResource
CreateFileMappingA
GetNamedPipeInfo
lstrcpynW
CompareStringW
OpenFile
IsBadCodePtr
GetDiskFreeSpaceA
GetTimeFormatW
FindAtomA
GlobalGetAtomNameW
MultiByteToWideChar
CreateMailslotW

user32

LoadMenuIndirectW
GetDC
SetCursorPos
OpenClipboard
CreateAcceleratorTableA
OffsetRect
IsDlgButtonChecked
LoadMenuIndirectA
GetMessageW
WinHelpA
UpdateWindow
IsMenu
GetKeyState
UnregisterClassA
DestroyIcon
ShowWindow
SetFocus
TrackPopupMenuEx

gdi32

GetLogColorSpaceW
EnumFontFamiliesW
CreateICW
OffsetClipRgn
SetRectRgn
SetTextColor
PlayEnhMetaFile
CreateFontIndirectExW
GetOutlineTextMetricsW
GetBrushOrgEx
SetEnhMetaFileBits
StartDocW
GetObjectA

advapi32

RegQueryInfoKeyW
RegOpenKeyExA
RegQueryValueW
RegReplaceKeyW
RegOpenKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegQueryValueA
RegDeleteValueA
RegOpenKeyExW
RegReplaceKeyA
RegRestoreKeyW

shell32

SHGetDataFromIDListA
SHGetFileInfoA

shlwapi

StrStrW
SHOpenRegStream2A
StrToIntA
PathParseIconLocationA
PathSkipRootW
StrToIntExA
PathCreateFromUrlA
StrCmpNIW
StrChrNIW
UrlIsOpaqueA

ole32

CoGetCurrentProcess
CLSIDFromString

winmm

midiOutSetVolume
mxd32Message
mmioClose
mciSendStringW
mmioSendMessage
mixerGetLineControlsW
mmTaskBlock

Sections

.ma
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obptK
Size: 5KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wv
Size: 2KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UeARA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddrej
Size: 3KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.roXfGq
Size: 3KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BOJdrg
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IU
Size: 3KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.y
Size: 512B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 109KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kzG
Size: 1KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cMrd
Size: 512B - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 634B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e5df9fb7e893bd2efa286b6326edce6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

winmm

Sections

.ma Size: 6KB - Virtual size: 6KB

.obptK Size: 5KB - Virtual size: 197KB

.Wv Size: 2KB - Virtual size: 341KB

.UeARA Size: 9KB - Virtual size: 9KB

.rddrej Size: 3KB - Virtual size: 396KB

.roXfGq Size: 3KB - Virtual size: 458KB

.BOJdrg Size: 3KB - Virtual size: 37KB

.IU Size: 3KB - Virtual size: 473KB

.y Size: 512B - Virtual size: 148KB

.data Size: 109KB - Virtual size: 332KB

.kzG Size: 1KB - Virtual size: 205KB

.cMrd Size: 512B - Virtual size: 162KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 634B

.ma
Size: 6KB - Virtual size: 6KB

.obptK
Size: 5KB - Virtual size: 197KB

.Wv
Size: 2KB - Virtual size: 341KB

.UeARA
Size: 9KB - Virtual size: 9KB

.rddrej
Size: 3KB - Virtual size: 396KB

.roXfGq
Size: 3KB - Virtual size: 458KB

.BOJdrg
Size: 3KB - Virtual size: 37KB

.IU
Size: 3KB - Virtual size: 473KB

.y
Size: 512B - Virtual size: 148KB

.data
Size: 109KB - Virtual size: 332KB

.kzG
Size: 1KB - Virtual size: 205KB

.cMrd
Size: 512B - Virtual size: 162KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 634B