3cdc61ea61bd84256c07158f5afc4e70N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3cdc61ea61bd84256c07158f5afc4e70N.exe
Size

33KB
MD5

3cdc61ea61bd84256c07158f5afc4e70
SHA1

2129e32ef8e1cd5636774a08287199085791b83d
SHA256

e7e4d3d973af0935fae138f8c8e3615e59877b362d096999119a4c7964b8b54a
SHA512

b6348a73fbf5a4e0d7be3fed568f5c1d2d855dd8712e6a913d4a4b9b5492d253e4ea725acc5cc11188c71cdeeff9b7f90c21b33b2c8aec1a22f7891a1841077a
SSDEEP

768:CrsnVMSFSqi3+5mIJvarwNP/LODYiLxz:lnWz3wmmyMN6DYiLxz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cdc61ea61bd84256c07158f5afc4e70N.exe

Files

3cdc61ea61bd84256c07158f5afc4e70N.exe
.exe windows:5 windows x64 arch:x64

6db18725e75f75b13cadc823a9d18f30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

InitCommonControlsEx

hid

HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid
HidD_FreePreparsedData
HidP_GetSpecificValueCaps
HidP_GetCaps
HidD_GetPreparsedData

setupapi

SetupDiGetClassImageIndex
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyClassImageList
SetupDiGetClassImageList

msvcrt

memcpy
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
wcstol
_snwprintf
atoi
swscanf
_vsnwprintf
logf
expf
wcschr

kernel32

GetTickCount
GetModuleHandleW
GetProfileStringW
MulDiv
GetStartupInfoW
lstrcatW
AddAtomW
lstrlenW
GetCommModemStatus
EscapeCommFunction
lstrcmpW
Sleep
GetProcAddress
lstrlenA
LoadLibraryA
GetVersion
CreateFileW
DeviceIoControl
FreeLibrary
CloseHandle

user32

MessageBoxW
GetDlgItemTextW
SendMessageW
SetFocus
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextW
PostMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
SetWindowTextW
GetWindowTextW
GetParent
DdeCreateStringHandleW
DdeCmpStringHandles
InvalidateRect
RemovePropW
SetPropW
GetPropW
DdeCreateDataHandle
GetDlgItemTextA
DdeNameService
DdeInitializeW
DdeUninitialize
GetWindowPlacement
SetTimer
KillTimer
SendDlgItemMessageW
EndDialog
SetWindowLongPtrW
GetWindowLongPtrW
DialogBoxParamW
IsIconic
DdePostAdvise
GetDlgCtrlID
ShowWindow
SetWindowPos
SetClassLongPtrW
LoadIconW
LoadStringW

gdi32

DeleteObject
SetBkMode
CreateFontW
GetObjectW
CreateSolidBrush

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueW
RegSetValueExW
RegDeleteValueW
RegCloseKey

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db18725e75f75b13cadc823a9d18f30

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

hid

setupapi

msvcrt

kernel32

user32

gdi32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: - Virtual size: 812B

.pdata Size: 1024B - Virtual size: 780B

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: - Virtual size: 812B

.pdata
Size: 1024B - Virtual size: 780B

.rsrc
Size: 12KB - Virtual size: 12KB