996E[.]exe | Triage

General

Target

996E.exe
Size

31KB
MD5

6fdb77e5acf2be3cbf843cd901ec33ba
SHA1

16546e3adaed7b55a22c9d22f218b311f44c5bf4
SHA256

8a0b1c1fd99a3770cc48e3b49d87b361b3b3066ea9c63c422b02dae4c5869dbf
SHA512

a2ac8631c9a4565f482300f007a0d0197817cbe3970074c57f0d8619ea2b565adee31f67324cbd8091f1891606cd9a9115a0e928b615f866eafda6e974218354
SSDEEP

768:aqSVtFHU6HhITuUr7FBJf+d0BJB+WFUdobLgqrMy:antU6H+97jJy0BJsWMobLgLy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
996E.exe

Files

996E.exe
.exe windows:4 windows x86

e7c1165de6b2b9b112a7249fc551879d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetTickCount
SetEvent
GetStartupInfoA
LoadLibraryA
GetTempFileNameA
CreateMutexA
MultiByteToWideChar
lstrcmpiA
GetACP
lstrcpyW
GetDateFormatA
QueryPerformanceCounter
GetCommandLineW
LocalFree
lstrcpyA
GetLogicalDriveStringsW
GetLocalTime
GetAtomNameA
FatalAppExitA
CreatePipe
CompareStringW
lstrcmpi
GetModuleHandleA
GetModuleHandleW
GetLongPathNameW

user32

SetMenu
FindWindowA
CheckMenuItem
EnumWindows
GetCapture
CreateMenu
InvalidateRgn
GetMenuState
GetClassInfoExW
GetScrollRange
DeleteMenu
ScreenToClient
CharLowerW
GetFocus
EnumChildWindows
ShowCursor
GetClientRect
GetMessageA
WinHelpA

gdi32

StretchDIBits
CreateDCW
ExtTextOutA
FillPath
CreateEllipticRgn

advapi32

RegEnumValueW
RegDeleteValueA

comdlg32

GetOpenFileNameW
ChooseFontW
PrintDlgExA
ReplaceTextA
PrintDlgW

shell32

ShellExecuteExA

ole32

CoGetDefaultContext

version

VerQueryValueA
VerQueryValueW
VerLanguageNameA
VerFindFileA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7c1165de6b2b9b112a7249fc551879d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

version

Sections

.text Size: 12KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 9KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 5KB - Virtual size: 5KB