c46abd692953c7786c56f7f7bec7a97b[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c46abd692953c7786c56f7f7bec7a97b.exe
Size

212KB
MD5

c46abd692953c7786c56f7f7bec7a97b
SHA1

18a74ed9d1e75efe2055bd63bf0af8f597b2a1b2
SHA256

d4039ed88487854e283e92c05e787a86232eeb4ae05bba7464c10cb3702915ab
SHA512

b5acab590f4864b5d6ebb83b0bfbb74aa1c128f7e7df66c0b3b28090c894ed4810e8fe4dce7e6d4f4cc63d4ac639fbbd4725d14be7aac52187b203683a670594
SSDEEP

3072:oXi+1IfIwFs7ZbxrAerbWu7s3BLbOyYkW8/1HSG9VRfqXlzcM8tKog8vCa30+Z:oXMwwW7Z1rAeXT8bOcdHd9yrpoBv8+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c46abd692953c7786c56f7f7bec7a97b.exe

Files

c46abd692953c7786c56f7f7bec7a97b.exe
.exe windows:4 windows x86 arch:x86

398b036aefb0145ed1ec7104382f5198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
CreateNamedPipeA
GetModuleHandleA
QueryPerformanceCounter
CreateThread
EnumTimeFormatsA
SetCurrentDirectoryW
FindAtomW
GetFullPathNameA
CreateEventA
ExpandEnvironmentStringsA
EnumDateFormatsA
GetProcAddress
SetEvent
FindResourceW
GetStringTypeW
IsBadWritePtr
GlobalDeleteAtom
MultiByteToWideChar
ConnectNamedPipe
GetMailslotInfo
GetPriorityClass
FindAtomA
GetShortPathNameW
WinExec
lstrcmpA
IsBadStringPtrW
lstrcatA
GetVersionExA
GetLogicalDrives
GetExitCodeThread
WaitForMultipleObjects
lstrcmpW
lstrcmpiA
CreateMailslotA
GetFileTime
GetExitCodeProcess

user32

wvsprintfW
SetForegroundWindow
CascadeWindows
EnumWindows
SetDlgItemTextA
SetWindowLongA
SendMessageW
EnumDesktopsW
CharLowerW
UpdateLayeredWindow
wsprintfW
DialogBoxIndirectParamW
OpenClipboard
SetWindowPos
GetClassNameA
GetClassInfoExW
CheckMenuRadioItem
DestroyMenu
LoadImageA
GetMenuInfo
CheckRadioButton
GetMenuItemRect
LoadMenuA
EnumChildWindows
GetMenuItemInfoW
AppendMenuA
CreateAcceleratorTableA
LoadImageW
GetDCEx
DestroyCursor
IsIconic
UpdateWindow
GetTopWindow

gdi32

SelectClipRgn
CreateRoundRectRgn
SetMapMode
StretchDIBits
SetWindowExtEx
GetNearestPaletteIndex
SetTextJustification
GetPixel
GetEnhMetaFilePaletteEntries
SetArcDirection
OffsetWindowOrgEx
GetLogColorSpaceW
RestoreDC
InvertRgn
PlayEnhMetaFile

advapi32

RegCreateKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteValueW

shlwapi

UrlCanonicalizeW
StrPBrkA
SHRegDeleteEmptyUSKeyA
ColorHLSToRGB
UrlIsW
StrSpnA
SHRegWriteUSValueW

setupapi

SetupDiSetClassInstallParamsA
CMP_GetServerSideDeviceInstallFlags
CM_Set_HW_Prof_FlagsW
SetupDiInstallDriverFiles
SetupDiCreateDeviceInterfaceW

oledlg

OleUIChangeIconA
OleUIObjectPropertiesA
OleUIBusyW
OleUIPasteSpecialA
OleUIPromptUserW
OleUIPromptUserA
OleUIPasteSpecialW
OleUIChangeSourceA
OleUIUpdateLinksA

crypt32

CryptCreateKeyIdentifierFromCSP
CertFindCertificateInStore
CryptMemFree
CertCompareCertificateName
CertGetValidUsages
CertFreeCRLContext
CryptDecryptAndVerifyMessageSignature
CryptFindOIDInfo
CertEnumCRLsInStore
CertVerifyCertificateChainPolicy
CryptMsgCountersignEncoded
CryptEncodeObject
I_CertSrvProtectFunction
I_CryptFlushLruCache
CertDuplicateCertificateContext

Sections

.PHTPjq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 512B - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XeM
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pL
Size: 2KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ire
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DtwwV
Size: 2KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K
Size: 4KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rZUbM
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NT
Size: 1024B - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

398b036aefb0145ed1ec7104382f5198

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

setupapi

oledlg

crypt32

Sections

.PHTPjq Size: 3KB - Virtual size: 3KB

.M Size: 512B - Virtual size: 237KB

.XeM Size: 8KB - Virtual size: 8KB

.pL Size: 2KB - Virtual size: 486KB

.Ire Size: 4KB - Virtual size: 5KB

.DtwwV Size: 2KB - Virtual size: 242KB

.K Size: 4KB - Virtual size: 116KB

.rZUbM Size: 3KB - Virtual size: 276KB

.data Size: 105KB - Virtual size: 169KB

.NT Size: 1024B - Virtual size: 403KB

.rsrc Size: 74KB - Virtual size: 74KB

.reloc Size: 1024B - Virtual size: 616B

.PHTPjq
Size: 3KB - Virtual size: 3KB

.M
Size: 512B - Virtual size: 237KB

.XeM
Size: 8KB - Virtual size: 8KB

.pL
Size: 2KB - Virtual size: 486KB

.Ire
Size: 4KB - Virtual size: 5KB

.DtwwV
Size: 2KB - Virtual size: 242KB

.K
Size: 4KB - Virtual size: 116KB

.rZUbM
Size: 3KB - Virtual size: 276KB

.data
Size: 105KB - Virtual size: 169KB

.NT
Size: 1024B - Virtual size: 403KB

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 1024B - Virtual size: 616B