e98a9a77b2df6548a329df5e3e1508764d84db061e06e8119b4998db80efdcae[.]exe

General

Target

e98a9a77b2df6548a329df5e3e1508764d84db061e06e8119b4998db80efdcae.exe
Size

216KB
MD5

d1388e8e8a4d6ac414af4f71e4a925e9
SHA1

d663e96c5c3145d785ff7ec234956e15a6a0721d
SHA256

e98a9a77b2df6548a329df5e3e1508764d84db061e06e8119b4998db80efdcae
SHA512

627607d8d525cb9f475f41dedeb9baf9193f8ccd06ed0645ff0388521c1ffd20506bacbfd20bd03c59fb30511250133eb0c2488436e507718e1670282f170a7b
SSDEEP

3072:Zmrd+eMBRz0hQLBvBt0M1qCWzJP0ruTTBaClHpspom7ffrAmph:Zmrd+eaKeLBf0dJ5TTBZbspom7bXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e98a9a77b2df6548a329df5e3e1508764d84db061e06e8119b4998db80efdcae.exe

Files

e98a9a77b2df6548a329df5e3e1508764d84db061e06e8119b4998db80efdcae.exe
.exe windows:4 windows x86 arch:x86

985dd21d203841230bccb09e881584b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetCurrentDirectoryW
LocalFree
HeapCreate
LoadLibraryExW
GetTickCount
LocalUnlock
GetTimeFormatW
GetCommandLineW
GetModuleHandleA
ResetEvent
GetSystemTime
Sleep
SetLastError
FindVolumeClose
lstrlenA
CloseHandle
GetComputerNameA
UnmapViewOfFile
CreateFileA

user32

GetDlgItem
CallWindowProcA
GetComboBoxInfo
IsWindow
DrawEdge
DispatchMessageA
SetFocus
CheckRadioButton
GetDC
DrawMenuBar
GetKeyState
CreateWindowExA
FillRect

cryptui

WizardFree
CryptUIDlgSelectCA
CryptUIDlgSelectStoreA
CryptUIDlgCertMgr
LocalEnroll

hdwwiz.cpl

AddHardwareWizard

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pjimviw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

985dd21d203841230bccb09e881584b1

Headers

File Characteristics

Imports

kernel32

user32

cryptui

hdwwiz.cpl

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 32KB - Virtual size: 33KB

pjimviw Size: - Virtual size: 4KB

.text Size: 162KB - Virtual size: 164KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 32KB - Virtual size: 33KB

pjimviw
Size: - Virtual size: 4KB

.text
Size: 162KB - Virtual size: 164KB