02942404bf30e8fc96b048d1293b765f[.]exe

General

Target

02942404bf30e8fc96b048d1293b765f.exe
Size

368KB
MD5

02942404bf30e8fc96b048d1293b765f
SHA1

47e1574e0c920e33b1711e24590b993d64a63aec
SHA256

06b211bec3d2d8de9ffb73dd2717dffb5006bdad2e8111b5c5e438b12478a4b6
SHA512

3f44a832a70d3a8db0629640a7e5c42f2775663fb0cf50e49392edcaecc45a2d671f89583fb42d43f511d081aef2a49afa9f206810dd12040576319022b1e226
SSDEEP

6144:ENO8MYyIzAljz6TWrrFTFPKDfFUj/WTOgdHKQPXNX9tLIaA6jSKFz0oLBXB3w6y:EU80IEl/64TFPKij/GOghP9XTc/62KGt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02942404bf30e8fc96b048d1293b765f.exe

Files

02942404bf30e8fc96b048d1293b765f.exe
.exe windows:4 windows x86 arch:x86

5e17ca40a4f6f1a4ec2d05984fc1876a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcessHeap
CreateFileA
SetFileTime
GetCommandLineA
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetLastError
GetProcAddress
LoadLibraryA
HeapAlloc
RemoveDirectoryA
CreateEventA
ReadFile
WriteFile
FormatMessageA
GetFileAttributesA
DeleteFileA
MoveFileExA
TerminateProcess
ExitProcess
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
GetCurrentProcess
CreateThread
WaitForSingleObject
GetSystemDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
GetSystemTime
SystemTimeToFileTime
GetCurrentDirectoryA
CloseHandle
CreateProcessA
GetExitCodeProcess
HeapFree
SetFilePointer
SetEvent

user32

SendDlgItemMessageA
EndDialog
LoadStringA
SendMessageA
ShowWindow
DialogBoxParamA
MessageBoxA

comctl32

ord17

advapi32

CryptAcquireContextA
CryptGenRandom
SetSecurityDescriptorDacl
GetLengthSid
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
CryptReleaseContext
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ntdll

_allmul
strstr
sprintf

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e17ca40a4f6f1a4ec2d05984fc1876a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

ntdll

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 66KB

.rsrc Size: 340KB - Virtual size: 344KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 66KB

.rsrc
Size: 340KB - Virtual size: 344KB