dnw[.]exe | Triage

Resubmissions

22-04-2024 09:23

240422-lch6raaa5s 3

22-04-2024 08:19

240422-j74ptshd8v 3

22-04-2024 08:04

240422-jyhe8shc28 3

Sharing

Copy URL

Twitter E-mail

General

Target

dnw.exe
Size

52KB
MD5

00c15c23096cdc06ca5df95b9f483c33
SHA1

0360aad1b106e100277bbaa1e56211f0308cb78f
SHA256

102e1be1cc3218e068e5ad7acd0c75773240d4252ced6ebfa862dba8e516cf5d
SHA512

0f3b6b92ec9d3b2b1b74132b9a3895b871f9110d52512f45b783ec95a7594ace75d4359e4738bf432c665effd501e9f7b6595d769fa9d6d59cdb10750ac7ffd6
SSDEEP

768:8hVpOm/LcSITgcX3oPPL4kTz55IaRU9jQUkhHcoN1:8hVg+ITL84kTLYUU1oN1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dnw.exe

Files

dnw.exe
.exe windows:4 windows x86 arch:x86

68e67c672407c07e41ebbcd4712061c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WriteFile
lstrlenA
SetCommState
GetCommState
SetCommTimeouts
PurgeComm
SetupComm
SetCommMask
CreateEventA
Sleep
EscapeCommFunction
ClearCommError
GetOverlappedResult
WaitCommEvent
GetLastError
DeviceIoControl
GetFileSize
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
SetFilePointer
ReadFile
CloseHandle
lstrcpyA
lstrcatA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
HeapFree
HeapAlloc
ResumeThread
CreateThread
TlsSetValue
ExitThread
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA

user32

GetMessageA
MoveWindow
KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
DestroyWindow
LoadCursorA
RegisterClassExA
LoadIconA
TranslateMessage
IsDialogMessageA
DispatchMessageA
DialogBoxParamA
CreateDialogParamA
MessageBoxA
EndDialog
CheckRadioButton
GetDlgItem
SendMessageA
SetWindowTextA

gdi32

GetStockObject
GetObjectA
CreateFontIndirectA
DeleteObject

comdlg32

GetOpenFileNameA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

68e67c672407c07e41ebbcd4712061c3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

setupapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 2KB