64e4c375c00901b424f18902f81526ea[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

64e4c375c00901b424f18902f81526ea.exe
Size

4.8MB
MD5

64e4c375c00901b424f18902f81526ea
SHA1

68183187fa95cd132432875b11c6112e715faefa
SHA256

7862e92e1e3be8eb269fa8aeb3cc6fd18da1318cefc3226463534edaf96081fb
SHA512

a2cdbf0b7162c5d432b51e7bd2d059e288586629e6a6f01b4cba405409132cc7ab3f0c887502eb268d40dda9f593e746675007e4593ce71bd597dd40cf24c87e
SSDEEP

98304:8tiHqiUGUEYcE/c6SXFWtsan2Ni4HuhH70Y9AW5Sf9D:8tiHqDlXcur+Omi4gHb9AWG9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64e4c375c00901b424f18902f81526ea.exe

Files

64e4c375c00901b424f18902f81526ea.exe
.exe windows:4 windows x86 arch:x86

6942d7ef463d4dcc55583b5988ce3f5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

imagehlp

CheckSumMappedFile

kernel32

GetCurrentProcess
LocalAlloc
OpenProcess
GetCurrentProcessId
ResumeThread
TerminateProcess
FlushFileBuffers
ReleaseSemaphore
CreateSemaphoreA
OpenSemaphoreA
DeviceIoControl
SetLastError
LockResource
LoadResource
SizeofResource
FindResourceA
GetWindowsDirectoryA
SetFileAttributesA
GetProcessHeap
GetComputerNameW
GetShortPathNameA
GetLocaleInfoA
WaitForSingleObject
CreateProcessA
GetExitCodeProcess
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FormatMessageA
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetStdHandle
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
CreateThread
ExitThread
RtlUnwind
GetSystemTimeAsFileTime
LocalFree
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
InterlockedIncrement
lstrlenA
WideCharToMultiByte
SetEnvironmentVariableA
InterlockedDecrement
GlobalLock
GlobalUnlock
GetModuleHandleA
GetCurrentThreadId
OutputDebugStringA
DeleteCriticalSection
CreateDirectoryA
SetEndOfFile
GetFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MoveFileA
CopyFileA
GetComputerNameA
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
GetVersion
GetLastError
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetTempPathA
GetTempFileNameA
GetSystemTime
SystemTimeToFileTime
SetFileTime
GetTickCount
MultiByteToWideChar
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
WriteFile
CreateFileA
Sleep
ReadFile
SetFilePointer
CloseHandle
VirtualProtect
CompareStringA
CompareStringW

user32

ExitWindowsEx
EnumDisplaySettingsA
wsprintfW
GetKeyNameTextA
SetWindowsHookExA
LoadIconA
RegisterClassA
DefWindowProcA
LoadCursorA
SetCursor
PeekMessageA
CallNextHookEx
EnumChildWindows
GetDlgCtrlID
DrawFrameControl
GetSystemMetrics
FillRect
DrawTextA
DrawFocusRect
PostQuitMessage
IsWindow
GetMessageA
EndDialog
DestroyWindow
SetPropA
RemovePropA
GetPropA
SetForegroundWindow
CreateDesktopA
IsDialogMessageA
TranslateMessage
DispatchMessageA
MapVirtualKeyExA
GetKeyboardLayout
MapVirtualKeyA
EnumThreadWindows
GetClassNameA
CreateWindowExA
UpdateWindow
GetWindowThreadProcessId
CloseDesktop
LoadStringA
PostMessageA
GetWindowTextA
GetWindowLongA
SetWindowLongA
CallWindowProcA
GetParent
OpenClipboard
GetClipboardData
CloseClipboard
SendMessageA
MessageBeep
SetFocus
GetDlgItemTextA
SetWindowTextA
GetDlgItem
wsprintfA
GetForegroundWindow
MessageBoxA
CreateDialogParamA
ShowWindow
DialogBoxParamA
UnhookWindowsHookEx

gdi32

DeleteObject
SetTextColor
GetTextExtentPoint32A
GetStockObject
SetBkColor
CreateSolidBrush

advapi32

InitiateSystemShutdownA
RegEnumKeyExA
RegDeleteKeyA
RegSetKeySecurity
RegGetKeySecurity
GetTokenInformation
GetSecurityInfo
SetEntriesInAclA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathA

ole32

CoUninitialize
CoCreateGuid
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoInitialize

oleaut32

VariantInit
SysAllocString
VariantClear
SysAllocStringLen
SysFreeString

rpcrt4

RpcServerUseProtseqEpA
RpcServerUnregisterIf
RpcMgmtStopServerListening
NdrServerCall2
RpcServerListen
RpcServerRegisterIf

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6942d7ef463d4dcc55583b5988ce3f5d

Headers

File Characteristics

Imports

comctl32

imagehlp

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

rpcrt4

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 4.3MB - Virtual size: 4.3MB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 4.3MB - Virtual size: 4.3MB