nssy[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

nssy.exe
Size

111KB
MD5

b2a36a4eebf52ee039270a6268fdd32c
SHA1

a40f430f75b00dd900fac6e50bf8bc25a2aa5160
SHA256

6c54b02a45bd5a3ecd592b2e949e5e764a87d96083d51e7edf4d9d64b35d8fd1
SHA512

1e918fe203ca467ba28c7c30e395b936b23e794b4db7e8a6e1ed93e031111c922887d8aa4efc0d13e7d7f74fe52a02fd34a2d0131fdc62bcdef05e68f33c06c7
SSDEEP

1536:fyjPq79ZXcmA5glvMxpediWymgHTbVXV9QfWRmWsRKjQo6yiBvQR+HMVKNR:f1ZZXNADxkgHTbJVuDWiKp6yiGqbX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nssy.exe

Files

nssy.exe
.exe windows:5 windows x86

79816339b53ffe40dc34edbae4af71e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
WritePrivateProfileStringW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
GetTickCount
GetModuleFileNameW
GetCommandLineW
SetEnvironmentVariableW
GetTempPathW
SetErrorMode
GetCurrentProcess
ExitProcess
GetVersion
GetWindowsDirectoryW
CopyFileW
GetDiskFreeSpaceW
CreateThread
lstrlenA
GlobalUnlock
lstrcpynW
lstrlenW
CreateDirectoryW
CreateFileW
GetTempFileNameW
RemoveDirectoryW
WriteFile
GetLastError
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
GetProcAddress
lstrcmpiA
lstrcpyA
lstrcpyW
lstrcatW
MoveFileExW
lstrcmpiW
lstrcmpW
MulDiv
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
GetExitCodeProcess
Sleep
WaitForSingleObject
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
ExpandEnvironmentStringsW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
GlobalLock

user32

EndDialog
CheckDlgButton
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IsWindowEnabled
GetSystemMetrics
GetSystemMenu
CreatePopupMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
GetWindowRect
SetCursor
ScreenToClient
GetSysColor
GetWindowLongW
SetClassLongW
DialogBoxParamW
LoadCursorW
SystemParametersInfoW
wsprintfA
DispatchMessageW
PeekMessageW
SetDlgItemTextW
GetDlgItemTextW
CharNextA
CharPrevW
MessageBoxIndirectW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
SetTimer
CreateDialogParamW
DestroyWindow
LoadImageW
FindWindowExW
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
LoadBitmapW
CallWindowProcW
SetWindowLongW
ReleaseDC
GetDC
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
GetClientRect
EndPaint
BeginPaint
DrawTextW
DefWindowProcW
InvalidateRect

gdi32

SetBkColor
GetDeviceCaps
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateFontIndirectW
CreateBrushIndirect

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
SetFileSecurityW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW

comctl32

ImageList_Create
ImageList_Destroy
ord17
ImageList_AddMasked

ole32

OleInitialize
OleUninitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79816339b53ffe40dc34edbae4af71e4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 170KB

.ndata Size: - Virtual size: 112KB

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 170KB

.ndata
Size: - Virtual size: 112KB

.rsrc
Size: 47KB - Virtual size: 47KB