93f51844050a75caba2826356[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

93f51844050a75caba2826356.exe
Size

321KB
MD5

93f51844050a75caba282635624d9cb7
SHA1

8149aeab53a7344c0c27bf66f56440701e279048
SHA256

0f01971fcbe3a469d0bc8b09743a765696ebe8a6a8fa0166c39cef761105be92
SHA512

d5515e73b20c1aeee110cff5d70cc137b516f754c39585a2b520c3a9a7f41cb5f87b263d0a97e6f7693d9b810d58a99f4e0069cf8f54d2a34b5a4d64ef55fa1a
SSDEEP

6144:S/ji2HtZcrWFoWdN46Vd6VWxtoloBj5rbx:CNZcyNdN9VsVJ6Bj5rbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93f51844050a75caba2826356.exe

Files

93f51844050a75caba2826356.exe
.exe windows x64

02a84429b024f8e8b499d5d5730c3f0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

DPtoLP
CreateFontIndirectW
SelectObject
DeleteObject
RestoreDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SetWindowOrgEx
SetBkMode
SetTextColor
GetStockObject
GetObjectA
GetObjectW
DeleteDC
CreateBitmap
SetLayout
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
BitBlt
GetDeviceCaps

user32

SetWindowLongPtrW
DefWindowProcW
GetWindowLongPtrW
PostMessageW
PostQuitMessage
SendMessageW
SetWindowTextW
ShowWindow
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowExW
IsWindow
CallWindowProcW
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
CharNextW
RegisterWindowMessageW
LoadIconW
LoadImageW
GetSystemMetrics
PeekMessageW
MsgWaitForMultipleObjectsEx
DestroyIcon
KillTimer
LoadStringW
GetDC
ReleaseDC
SetForegroundWindow
UnregisterClassA
SetTimer
GetCursorPos
CreatePopupMenu
AppendMenuW
SetMenuItemInfoW
SetMenuDefaultItem
TrackPopupMenu
DestroyMenu
BringWindowToTop
GetSysColor
SystemParametersInfoW
GetWindowRect
MapWindowPoints
FillRect
GetAncestor
IsIconic
GetLastActivePopup
BeginPaint
EndPaint
MoveWindow
InvalidateRect
GetWindowLongW
GetWindowTextW
GetWindowTextLengthW
DrawTextW
IsWindowEnabled
GetParent
TrackMouseEvent
SetRect
ScreenToClient
GetDlgItem
SetFocus
DestroyWindow
GetScrollInfo
SetScrollInfo
ScrollWindowEx
GetScrollPos
SetScrollPos
ScrollWindow
GetFocus
DrawIcon
EnableWindow
IsWindowVisible
SendNotifyMessageW
GetKeyState
GetClientRect

msvcrt

free
swprintf_s
memcpy_s
memmove_s
malloc
_vscwprintf
wcsncpy_s
vswprintf_s
_wtof
wcstol
towupper
wcsstr
wcschr
iswspace
_resetstkoflw
wcscat_s
_vsnwprintf
memcmp
__CxxFrameHandler3
_onexit
_lock
__dllonexit
memset
_errno
realloc
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_callnewh
_CxxThrowException
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
wcscpy_s
__C_specific_handler
_unlock
memcpy

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage

api-ms-win-security-base-l1-1-0

CheckTokenMembership
FreeSid
AllocateAndInitializeSid

gdiplus

GdiplusShutdown
GdipAddPathArcI
GdipClosePathFigure
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateLineBrushFromRectI
GdipDeleteBrush
GdipFree
GdipDrawPath
GdipDrawImageRectI
GdipCreateBitmapFromHICON
GdipFillPath
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipCreateLineBrushFromRectWithAngleI
GdipMeasureString
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFile
GdipFillRectangleI
GdipAlloc
GdiplusStartup

comctl32

ord344

kernel32

VirtualAlloc
InterlockedPopEntrySList
VirtualFree
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
DelayLoadFailureHook
LoadLibraryExA
GetSystemTimeAsFileTime
LocalFree
MoveFileExW
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetSystemDefaultLangID
DeleteFileW
GetTimeFormatW
InterlockedPushEntrySList
FileTimeToSystemTime
FileTimeToLocalFileTime
CheckElevationEnabled
GetUserPreferredUILanguages
SetProcessWorkingSetSize
GetLocaleInfoW
RegQueryValueExW
FindResourceExW
WaitForSingleObject
CreateThread
GlobalFree
GetCommandLineW
CreateProcessW
FormatMessageW
SetEvent
CreateMutexW
CreateEventW
CloseHandle
LoadLibraryExW
MultiByteToWideChar
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
lstrcmpiW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetLastError
HeapSetInformation
FindResourceW
LoadResource
LockResource
SizeofResource
GetUserDefaultUILanguage
HeapFree
GetProcessHeap
HeapAlloc
RaiseException
SetLastError
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetDateFormatW
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
GetCurrentProcessId

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02a84429b024f8e8b499d5d5730c3f0a

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

msvcrt

ntdll

api-ms-win-security-base-l1-1-0

gdiplus

comctl32

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 9KB - Virtual size: 9KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 138KB - Virtual size: 140KB

.reloc Size: 1024B - Virtual size: 632B

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 9KB - Virtual size: 9KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 138KB - Virtual size: 140KB

.reloc
Size: 1024B - Virtual size: 632B