8db75a5fec6cc5652bf1cc822bdd5eeda1a9971a174310a4eb576ed52060698a[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8db75a5fec6cc5652bf1cc822bdd5eeda1a9971a174310a4eb576ed52060698a.exe
Size

18.7MB
MD5

b351502c659f142d7c79f959a5fcaf99
SHA1

34ebb03290a9d86764437670c27a45bc2f4d6368
SHA256

8db75a5fec6cc5652bf1cc822bdd5eeda1a9971a174310a4eb576ed52060698a
SHA512

140bba152af14b38472e3959eab4633b62c2e3deb6fe8f40b9feab920d859cf58c8f4efcc6b6fdcfe0e9cf82ba6b2121c8cf81e91aa3fc0b241491113abdf0b7
SSDEEP

393216:6RuumLZECschv73FvTkSsbfQQc6XukOcjVPPTj/Puve:qaEIhv7VvTHSu32VjPuve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8db75a5fec6cc5652bf1cc822bdd5eeda1a9971a174310a4eb576ed52060698a.exe

Files

8db75a5fec6cc5652bf1cc822bdd5eeda1a9971a174310a4eb576ed52060698a.exe
.exe windows:4 windows x86 arch:x86

3cd385cbf72952d9412ff1bb77cc134a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetUniversalNameA

kernel32

WritePrivateProfileStringA
FreeResource
LockResource
LoadResource
FindResourceA
GlobalReAlloc
GetVersion
OpenFile
SizeofResource
ResumeThread
SetPriorityClass
GetCurrentThread
SetThreadPriority
WriteFile
GetModuleFileNameA
FileTimeToDosDateTime
GetSystemTimeAsFileTime
SetEvent
GetPrivateProfileStringA
WaitForSingleObjectEx
CreateEventA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
FlushFileBuffers
RtlUnwind
GetEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
GetStdHandle
SetHandleCount
SetEndOfFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetDiskFreeSpaceA
CreateDirectoryA
ExitProcess
RemoveDirectoryA
HeapReAlloc
SetFilePointer
ReadFile
GetFileType
HeapFree
HeapAlloc
GetVersionExA
GetFileTime
CompareFileTime
GetSystemDirectoryA
MoveFileExA
GetWindowsDirectoryA
GetShortPathNameA
FindClose
DeleteFileA
MoveFileA
GetTempPathA
GetTempFileNameA
_llseek
_lread
CreateProcessA
GetExitCodeProcess
FindFirstFileA
FindNextFileA
CopyFileA
SetErrorMode
GetFileAttributesA
lstrcatA
SetLastError
Sleep
TerminateProcess
GetCurrentProcess
DuplicateHandle
CreateRemoteThread
WaitForSingleObject
GetLastError
OpenProcess
WideCharToMultiByte
GetModuleHandleA
_lopen
_lwrite
_lclose
lstrlenA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDriveTypeA
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesA
GetEnvironmentStrings

user32

PostQuitMessage
LoadImageA
CheckDlgButton
BeginPaint
EndPaint
EnableWindow
GetClassLongA
LoadBitmapA
GetSysColor
DefWindowProcA
IsChild
GetFocus
MessageBoxA
DestroyWindow
GetWindowLongA
IsDlgButtonChecked
GetWindowTextA
EndDialog
SetWindowLongA
PtInRect
DestroyIcon
wsprintfA
SendMessageA
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
InvalidateRect
SetTimer
ReleaseDC
GetDC
KillTimer
CharPrevA
CheckRadioButton
GetParent
CallWindowProcA
OpenClipboard
GetClipboardData
GetWindowThreadProcessId
EnumWindows
PostMessageA
BringWindowToTop
CloseClipboard
IsDialogMessageA
DialogBoxParamA
CreateDialogParamA
ExitWindowsEx
CreateIconFromResourceEx
CreateIconFromResource
CharUpperA
ShowWindow
GetDlgItem
DrawTextA
GetSysColorBrush
FillRect
SetDlgItemTextA
SetWindowTextA
OffsetRect
GetSystemMetrics
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
GetClientRect
MoveWindow
GetWindow
GetClassNameA
GetDesktopWindow
ScreenToClient
CharLowerA
IsWindow
SendMessageTimeoutA
SetForegroundWindow
SetClassLongA

gdi32

CreateFontA
CreateFontIndirectA
GetTextExtentPointA
StretchBlt
SetBkMode
DeleteObject
GetObjectA
RealizePalette
SelectPalette
CreatePalette
StretchDIBits
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
PatBlt
CreateSolidBrush
GetTextMetricsA
AddFontResourceA
GetStockObject
SetTextColor
GetDIBits

advapi32

RegOpenKeyA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
CreateServiceA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
CloseServiceHandle
RegSetValueExA
RegCreateKeyA
RegQueryValueExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
SHChangeNotify
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
FindExecutableA
ShellExecuteA
SHGetFileInfoA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleUninitialize
OleInitialize

comctl32

PropertySheetA
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18.5MB - Virtual size: 18.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cd385cbf72952d9412ff1bb77cc134a

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 18.5MB - Virtual size: 18.5MB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 18.5MB - Virtual size: 18.5MB