e65c2d73322c5050d543a03d4d3adef2

Sharing

Copy URL

Twitter E-mail

General

Target

e65c2d73322c5050d543a03d4d3adef2
Size

297KB
MD5

e65c2d73322c5050d543a03d4d3adef2
SHA1

7282a8c8d03191a7697f1c25913d49fadb4d077f
SHA256

413ed99dbd7e392382fe4b74f10477f2941941a1d274a698a7dbd1a810e3c93c
SHA512

d474ae8b4278c80f4609916fc1ec3439a0e2dac8123d32ece9d345d8eaf2f4a6ec7a4520ee4f7b22c6946ee4712349fd80cd97cdb53a7e275a6c1ac007b354f3
SSDEEP

3072:QQYdWhgyAvpH+nNNQeKkTK+hRto2ZcX55dHe3d5gSYZd5ByEXvSJwcPmL+m:0UsHmNNQeKx+bt855d+A3Zd5ByahVqm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e65c2d73322c5050d543a03d4d3adef2

Files

e65c2d73322c5050d543a03d4d3adef2
.exe windows:5 windows x86 arch:x86

199e0c6f8d297285d5889eb5572e7ddf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDefaultCommConfigW
WriteConsoleOutputW
CreateProcessW
GetConsoleAliasA
InterlockedDecrement
GetEnvironmentStringsW
GetTimeFormatA
FreeEnvironmentStringsA
GetModuleHandleW
EnumTimeFormatsA
GetDateFormatA
GetVolumePathNameW
GetEnvironmentStrings
GlobalAlloc
FatalAppExitW
LeaveCriticalSection
DebugActiveProcessStop
DeactivateActCtx
GetLongPathNameW
SetLastError
MoveFileW
SetComputerNameA
GetAtomNameA
LoadLibraryA
InterlockedExchangeAdd
AddAtomW
FoldStringA
OpenFileMappingW
VirtualProtect
Module32Next
DeleteTimerQueueTimer
TlsFree
ResumeThread
SearchPathW
MoveFileExA
GetStartupInfoW
SetVolumeLabelA
GetLastError
HeapFree
MultiByteToWideChar
HeapReAlloc
HeapAlloc
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
EnterCriticalSection
VirtualAlloc
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
WriteFile
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
CloseHandle
ReadFile
GetModuleHandleA

gdi32

GetBitmapBits

advapi32

OpenThreadToken

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

199e0c6f8d297285d5889eb5572e7ddf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 22KB - Virtual size: 435KB

.rsrc Size: 111KB - Virtual size: 110KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 22KB - Virtual size: 435KB

.rsrc
Size: 111KB - Virtual size: 110KB