560eb95b4954b4c6fef0f6d3ef817fa913ca8c2e7262c296fa53a47ffed44444[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

560eb95b4954b4c6fef0f6d3ef817fa913ca8c2e7262c296fa53a47ffed44444.exe
Size

6.3MB
MD5

0f79504653691e7a8199f552dd9ae763
SHA1

7e9feff72908f344c19a893e3c06458e3d7ba92b
SHA256

560eb95b4954b4c6fef0f6d3ef817fa913ca8c2e7262c296fa53a47ffed44444
SHA512

234938fae68efe3d1bfa71ee02a20c630e9b4647f2e8c5e74c73a752a66a1fd98508386ee2a07cb0a3b0a00a433e41386963b992cbc992ba2eb3eafbd516c27a
SSDEEP

196608:hIhIQrcaoeoYSeyT6vnKCD25kvmeh6vFF//aFcPezA:OIscYSGvKCBtwF+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
560eb95b4954b4c6fef0f6d3ef817fa913ca8c2e7262c296fa53a47ffed44444.exe

Files

560eb95b4954b4c6fef0f6d3ef817fa913ca8c2e7262c296fa53a47ffed44444.exe
.exe windows:5 windows x86 arch:x86

cb2f8861ae9e888fc248b97ed817726f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

y:\Browser\Blockchain\browser\socket\n\c\x86\hashing\e6t.pdb

Imports

comctl32

ord17

kernel32

SizeofResource
GetStdHandle
WriteFile
FindClose
MulDiv
GetSystemTimeAsFileTime
CompareFileTime
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
LoadLibraryA
GetModuleHandleW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
FindResourceExA
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
SetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetSystemDefaultLCID
GetVersion
SetProcessWorkingSetSize
GetCurrentProcess
GetExitCodeProcess
CreateIoCompletionPort
GetQueuedCompletionStatus
ResumeThread
CloseHandle
GetModuleFileNameW
CreateProcessW
GetStartupInfoW
GetCommandLineW
SetEnvironmentVariableW
GetDriveTypeW
GetSystemDirectoryA
GetTempPathW
SetCurrentDirectoryW
CreateFileW
GetVersionExW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
InitializeCriticalSection
SetEvent
ResetEvent
CreateEventW
LocalFree
GetCurrentThreadId
TerminateThread
SuspendThread
FormatMessageW
lstrcpyW
GetSystemDirectoryW
IsBadReadPtr
EnterCriticalSection
LoadResource
DeleteCriticalSection
VirtualAlloc
VirtualFree
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
GetFileInformationByHandle
WaitForMultipleObjects
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
LoadLibraryW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetProcessHeap
TlsFree
TlsSetValue
WriteConsoleW
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
InterlockedIncrement
IsDebuggerPresent
HeapSize
GetModuleHandleExW
ExitProcess
InterlockedDecrement
IsProcessorFeaturePresent
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
RtlUnwind
LoadLibraryExW
ExitThread
DecodePointer
GlobalFree
GlobalAlloc
GetProcAddress
LockResource
SetFileAttributesW
GetDiskFreeSpaceExW
SystemTimeToFileTime
GetLocalTime
Sleep
SetLastError
WaitForSingleObject
GetLastError
GetExitCodeThread
CreateThread
LeaveCriticalSection
EncodePointer

user32

EndDialog
SendMessageW
wsprintfW
wsprintfA
SystemParametersInfoW
DrawIconEx
LoadImageW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
SetWindowLongW
PtInRect
ClientToScreen
MessageBeep
GetClientRect
GetDC
DrawTextW
EnableMenuItem
GetSystemMenu
GetSystemMetrics
EnableWindow
SetFocus
GetDlgItem
DialogBoxIndirectParamW
ShowWindow
IsWindow
CreateWindowExA
CallWindowProcW
DefWindowProcW
MessageBoxA
GetKeyState
CopyImage
GetClassNameA
GetParent
GetWindowLongW
GetSysColor
ScreenToClient
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ReleaseDC
GetWindowDC
GetMenu
KillTimer
SetTimer
CharUpperW
SetWindowPos
DestroyWindow
CreateWindowExW
DispatchMessageW
GetMessageW
wvsprintfW

gdi32

CreateFontIndirectW
GetObjectW
SetStretchBltMode
StretchBlt
SelectObject
GetDeviceCaps
GetCurrentObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject

advapi32

AllocateAndInitializeSid
CheckTokenMembership
FreeSid

shell32

SHGetFileInfoW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString
OleLoadPicture
SysAllocString
VariantClear
SysAllocStringLen

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb2f8861ae9e888fc248b97ed817726f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 5KB - Virtual size: 29KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 5KB - Virtual size: 29KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

.reloc
Size: 14KB - Virtual size: 13KB