Static task: static1
Behavioral task: behavioral1
Sample: 110d610b0c44a659723e16ad315edacc.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 110d610b0c44a659723e16ad315edacc.exe
Resource: win10v2004-20231215-en
General
Target: 110d610b0c44a659723e16ad315edacc.exe
Size: 257KB
MD5: 110d610b0c44a659723e16ad315edacc
SHA1: ab9a95f01a782a7bfafe49dab9803d92f6b97796
SHA256: 68a90e128e079f29248a21886f1122d47e325b07f413cba31de57fd391e5630f
SHA512: f9434b93f833e209be13dcba204bdbcbfebf290e3559adb422791d64da2e45e985b594a243ec16983fe5d86e0b995ffcbb3a6d3891573eddaac666490175f42a
SSDEEP: 6144:0tIGO635Nht1MEUKy0ZrGSosRoOMp0ZdEQ6b1u33UaS5:xGl3dYu1XlR/61uHUt5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 110d610b0c44a659723e16ad315edacc.exe
Files
110d610b0c44a659723e16ad315edacc.exe.exe windows:4 windows x86 arch:x86
d8ab85665373bd3ad3df0c3cf9ed53d6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetExitCodeThread
SetEvent
LoadLibraryA
OpenMutexA
GetCurrentProcessId
CompareFileTime
GetComputerNameA
FileTimeToSystemTime
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetCurrentThreadId
GetCurrentDirectoryA
FreeLibrary
Sleep
GetLastError
CreateEventA
CreateMutexA
WaitForSingleObject
GetVersionExA
SystemTimeToFileTime
ExitProcess
GetFileAttributesA
RaiseException
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
HeapCreate
IsBadWritePtr
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStringsW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo
IsBadReadPtr
IsBadCodePtr
GetVersion
GetProcAddress
user32
wsprintfA
GetKeyboardLayout
PostMessageW
SetWindowPos
GetSystemMetrics
LoadCursorA
CheckMenuItem
GetCapture
RegisterClassExA
ShowCaret
InsertMenuItemW
EnableMenuItem
AppendMenuW
UnregisterClassA
GetMenuInfo
LoadImageA
CharLowerA
SetWindowTextW
LoadMenuA
SetDlgItemInt
InsertMenuA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
InitializeSecurityDescriptor
GetSidLengthRequired
InitializeAcl
InitializeSid
GetSidSubAuthority
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
ole32
CoInitializeEx
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
SysAllocStringByteLen
cfgmgr32
CM_Free_Log_Conf
CM_Next_Range
gdi32
CreateEllipticRgn
SelectBrushLocal
CreateFontIndirectA
RemoveFontResourceA
CreatePen
AddFontResourceW
CreateScalableFontResourceA
UpdateICMRegKeyA
CreateBitmap
CreateICW
Sections
CODE Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CODE Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rWYfm Size: 104KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ATgjp Size: 113KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ