nconvert[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

nconvert.exe
Size

1.5MB
MD5

8cc90c895e175d99eac07d711ead2245
SHA1

99da782ded285e7cb8a71485b83c5c560f68dc31
SHA256

be5bd968857ca36335429d818108ab8abbf6787846d02e5c59b0746c45b8b3af
SHA512

490281dd44849c35f9a8d176d4056d80ddcb77a786523aafc0f5f7bcda6a61ab43b913c23fbb5075268050216c1b928746cb048d585640b8883aa6d004eaa132
SSDEEP

24576:FbC/huMQQf1wIxuvFc+J+1xdoI0U48tj7ehO6vMMdaypk6+WVRORtgPan9ZO68ay:BQhu0wI8v3QpFVQqOVRB0D7qCH8xT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nconvert.exe

Files

nconvert.exe
.exe windows:4 windows x86

2dc8308b524dec6f4975cdb7b6cd6a24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetCurrentDirectoryA
lstrlenA
GlobalSize
CreateFileA
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetTempFileNameA
GetTempPathA
GetFullPathNameA
FreeLibrary
GetProcAddress
LoadLibraryA
GetShortPathNameA
GetFileAttributesA
MulDiv
GetFileSize
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetVersion
EnumResourceNamesA
LoadLibraryExA
SizeofResource
LockResource
LoadResource
FindResourceA
FatalAppExitA
GetFileTime
FindNextFileA
FindFirstFileA
LocalFree
LocalUnlock
LocalLock
GetModuleFileNameA
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
GetLastError
MoveFileA
DeleteFileA
GetCommandLineA
Sleep
RtlUnwind
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ReadFile
WriteFile
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
FlushFileBuffers
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
GetCurrentProcessId
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetExitCodeProcess
CreateProcessA
SetEndOfFile
GetLocaleInfoW
CloseHandle
SetFileTime
MultiByteToWideChar
WideCharToMultiByte
GlobalReAlloc
GlobalAlloc
GlobalLock
GlobalUnlock
FindClose
GlobalFree

user32

DrawIconEx
CreateIconFromResource
GetDesktopWindow
DrawTextA
CreateIconFromResourceEx
DestroyIcon
GetIconInfo
EmptyClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
FillRect
CloseClipboard
GetDC
ReleaseDC
MessageBoxA

gdi32

SetDIBitsToDevice
CreateEnhMetaFileA
CloseEnhMetaFile
GetEnhMetaFileA
GetEnhMetaFileHeader
CreatePen
BeginPath
PlayEnhMetaFile
FillPath
StrokePath
CreateFontIndirectA
CreateSolidBrush
SetTextColor
SetBkColor
SetBkMode
GetCharABCWidthsFloatA
CreateDCA
CreateCompatibleDC
DeleteEnhMetaFile
EndPath
SetWinMetaFileBits
CreateCompatibleBitmap
CreateDIBSection
DeleteObject
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
PlayMetaFile
SetBoundsRect
SetViewportOrgEx
SetViewportExtEx
SetWindowOrgEx
SetWindowExtEx
SetMapMode
SelectObject

advapi32

RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegCloseKey

shell32

ExtractIconExA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dc8308b524dec6f4975cdb7b6cd6a24

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 156KB - Virtual size: 154KB

.data Size: 168KB - Virtual size: 188KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 168KB - Virtual size: 188KB