120d32325ba10eexeexeexeex[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

120d32325ba10eexeexeexeex.exe
Size

432KB
MD5

120d32325ba10ef4b28a64e5b0620272
SHA1

8f4aa9d9926c7ae8824dd4a93041fd5ca23c0410
SHA256

0d29c0239ddf37eb2e61907c63d7ddc8669184238335f88e1df662ded372abfa
SHA512

13b0f8b221939209f61138faf85e276042bbc20e36fa2bd055aa083f0edc420c9eb601cd89d8f0cceeae5b99a8c5ec614a6232ed23f3d7aa007709d4e3085af8
SSDEEP

12288:Lkotc2fI2q000fEn5JwVdKpeXvCwOSOtYd:gotVgJ00r3UdnXhOSOt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
120d32325ba10eexeexeexeex.exe

Files

120d32325ba10eexeexeexeex.exe
.exe windows x86

96dc7fccc21b4af7b1fb4ce0150f83cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
VirtualQuery
GetModuleFileNameW
WideCharToMultiByte
CreateFileA
GetFileSizeEx
GetCommandLineW
GetLocalTime
CreateDirectoryA
DeleteFileA
GetLastError
LoadLibraryW
GetProcAddress
CreateDirectoryW
WritePrivateProfileStringW
GetModuleHandleW
lstrcmpiW
GetPrivateProfileStringW
GetTickCount
MultiByteToWideChar
SetFileAttributesW
FreeLibrary
CreateThread
FindFirstFileW
FindNextFileW
FindClose
MoveFileExW
GetCurrentProcess
GetVersionExW
SizeofResource
LockResource
LoadResource
GetTempPathW
FindResourceExW
CreateFileW
GetFileType
SetFilePointer
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
DosDateTimeToFileTime
WriteFile
SetFileTime
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LCMapStringW
WriteConsoleW
GetLocaleInfoW
InterlockedExchange
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
IsValidCodePage
GetOEMCP
ReleaseMutex
WaitForSingleObject
CloseHandle
FindResourceW
CreateMutexW
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetStdHandle
ExitProcess
Sleep
SetEndOfFile
GetTimeZoneInformation
GetStdHandle
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedDecrement
InterlockedIncrement
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetTimeFormatA
GetDateFormatA

user32

LoadIconW
BeginPaint
EndPaint
SetTimer
MessageBoxW
InvalidateRect
FindWindowW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
PostQuitMessage
KillTimer
LoadCursorW
RegisterClassExW
CreateWindowExW
DefWindowProcW
ShowWindow
PostMessageW
UpdateWindow

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

CommandLineToArgvW
SHGetFolderPathA
SHGetFolderPathW
ShellExecuteW

shlwapi

PathFileExistsA

libglog

?InitGoogleLogging@google@@YAXPBD@Z
?SetLogFileName@google@@YAX_N@Z
?SetLogDestination@google@@YAXHPBD@Z
??0LogMessage@google@@QAE@PBDH@Z
?FlushLogFiles@google@@YAXH@Z
?stream@LogMessage@google@@QAEAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@XZ
??1LogMessage@google@@QAE@XZ

wininet

InternetReadFile
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetQueryDataAvailable

dulib

WindowManager_Attach
LoadStyleW
ReleaseStyle
GetPluginByName

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96dc7fccc21b4af7b1fb4ce0150f83cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

libglog

wininet

dulib

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 7KB - Virtual size: 22KB

.rsrc Size: 184KB - Virtual size: 184KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 7KB - Virtual size: 22KB

.rsrc
Size: 184KB - Virtual size: 184KB

.reloc
Size: 14KB - Virtual size: 13KB