D:\stash\nero-swiftmirror-windows\Installer\bin\Release\Installer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3.exe
Resource
win10v2004-20240412-en
General
Target: 6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3.exe
Size: 8.2MB
MD5: b8c987e6520a21fccb4f98bacfdcc35a
SHA1: 2ec408a482631f715797cb0df90f2035248283b8
SHA256: 6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3
SHA512: 30244d77eb6d19600a81864905fc2e9028b0bf518737833320f47f85e55282ed7375d2f6cea172a9c2bf722c34c9850f70dd2258b3a8a7a4a38cfb4ba436eb22
SSDEEP: 196608:76/McsyM4vvf8iF4O7NADtV6v+EFRo6dVVVigtSv3mZ:2/pvUiB7RFRo6dVVV+m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3.exe
Files
6d23cdec447a925c8ea8b72517043520a5229e6c0227fee238b17126f4f1c5a3.exe.exe windows:6 windows x86 arch:x86
7274e457478b19a4053d334286625689
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
wininet
InternetGetConnectedState
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryDataAvailable
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetWriteFile
kernel32
GetDateFormatW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetFileType
SetStdHandle
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
LCMapStringW
ExitProcess
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
RaiseException
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetModuleHandleExW
WriteConsoleW
SizeofResource
LockResource
LoadResource
GetConsoleOutputCP
FindResourceW
GetLastError
Sleep
MultiByteToWideChar
WTSGetActiveConsoleSessionId
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetModuleFileNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateDirectoryW
DeleteFileW
GetPrivateProfileStringW
GetPrivateProfileIntW
RemoveDirectoryW
lstrlenW
lstrcmpiW
OpenProcess
TerminateProcess
CopyFileW
VerSetConditionMask
VerifyVersionInfoW
CreateFileW
WriteFile
GetWindowsDirectoryW
lstrcpyW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionEx
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateMutexW
CreateThread
OutputDebugStringW
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapFree
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameW
FindResourceExW
HeapSize
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetProfileIntW
GetTickCount64
SearchPathW
GetTempPathW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalFlags
SetErrorMode
GlobalGetAtomNameW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
WritePrivateProfileStringW
lstrcmpA
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
GetCurrentThreadId
GetCurrentProcessId
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
LoadLibraryA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
WideCharToMultiByte
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
user32
CharUpperBuffW
RegisterClipboardFormatW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetParent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WaitMessage
CopyImage
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
ReleaseCapture
SetCapture
GetAsyncKeyState
IsZoomed
TrackMouseEvent
RealChildWindowFromPoint
EnumDisplayMonitors
GetMenuItemInfoW
DestroyMenu
SetRectEmpty
SendDlgItemMessageA
SetCursor
ShowOwnedPopups
GetMessageW
DrawIconEx
IsRectEmpty
OffsetRect
DrawFocusRect
GetSysColorBrush
TranslateAcceleratorW
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
LoadMenuW
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IntersectRect
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetClassInfoExW
CreateWindowExW
PeekMessageW
TranslateMessage
DispatchMessageW
GetWindow
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetClassInfoW
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
PostThreadMessageW
SubtractRect
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
GetKeyState
SetFocus
HideCaret
InvertRect
CreateMenu
DestroyCursor
GetWindowRgn
DrawFrameControl
IsMenu
IsChild
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgCtrlID
RegisterClassW
CallWindowProcW
DefWindowProcW
GetWindowRect
SetWindowRgn
SendMessageW
GetClientRect
GetWindowDC
ReleaseDC
EnableWindow
FillRect
SetWindowLongW
GetWindowLongW
SetLayeredWindowAttributes
BeginPaint
EndPaint
InvalidateRect
FrameRect
LoadIconW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
DrawIcon
LoadBitmapW
KillTimer
RedrawWindow
SystemParametersInfoW
PostMessageW
SetTimer
GetMessageTime
IsWindow
LoadCursorW
UpdateWindow
CopyRect
DrawTextW
InflateRect
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
GetDesktopWindow
CharUpperW
DrawStateW
GetClassNameW
DrawTextExW
GrayStringW
SetScrollPos
TabbedTextOutW
GetDC
ClientToScreen
ScreenToClient
GetSysColor
IsWindowEnabled
MessageBoxW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetFocus
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterWindowMessageW
GetMessagePos
gdi32
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
CreateBitmap
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
RealizePalette
SetPixel
OffsetRgn
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
BitBlt
GetDeviceCaps
AddFontResourceW
SelectObject
GetTextExtentPoint32W
CreateRoundRectRgn
CreateSolidBrush
FillRgn
DeleteObject
DeleteDC
StretchBlt
GetDIBColorTable
CreateCompatibleDC
GetStockObject
PatBlt
SetDIBColorTable
GetObjectW
CreateDIBSection
CreatePen
Rectangle
GetTextMetricsW
SetBkMode
SetTextColor
RoundRect
CopyMetaFileW
OffsetWindowOrgEx
ExcludeClipRect
CreateDCW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
AllocateAndInitializeSid
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
FreeSid
CheckTokenMembership
GetUserNameW
CryptCreateHash
CryptAcquireContextW
CryptHashData
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetKnownFolderPath
comctl32
InitCommonControlsEx
shlwapi
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindExtensionW
uxtheme
IsAppThemed
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
OleFlushClipboard
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
oleaut32
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayDestroy
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImagePalette
GdipDrawImageRectI
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipGetImagePaletteSize
GdiplusShutdown
GdipDrawImageI
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
wtsapi32
WTSQuerySessionInformationW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 381KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ