0ecafece1bb30b7c27a9a03701076990N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0ecafece1bb30b7c27a9a03701076990N.exe
Size

1.5MB
MD5

0ecafece1bb30b7c27a9a03701076990
SHA1

52b35d0d240e20cbb577199834ec922ecdecfe4a
SHA256

75ddf83f73699537f52aaefa3609ee723171686be74b79b2a2f701f21c4e0286
SHA512

faf15c35e68e49d937d655266380957100a1d758bb37da7701fe8b53e268a6e4423147135a94ccf1cf37e6d19da57de20bb69a102309489a6da207a54a82adf6
SSDEEP

49152:ukZ1amEtZ4BrwEeLR20nzhx96S7k1YwM6u:ulmE0EGM6u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ecafece1bb30b7c27a9a03701076990N.exe

Files

0ecafece1bb30b7c27a9a03701076990N.exe
.exe windows:4 windows x86 arch:x86

0ded791f98f829675bd8e6fdb889e2bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
CreateFileA
GetProcAddress
LeaveCriticalSection
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
MulDiv
GetTickCount
GetFileTime
EnterCriticalSection
CloseHandle
GlobalUnlock
FindClose
GlobalAlloc
CreateMutexA
GetCurrentThreadId
FindFirstFileA
OutputDebugStringA
GetCommandLineA
MultiByteToWideChar
GetLastError
SetThreadPriority
Sleep
GetVersionExA
GlobalLock
GetCurrentThread
GetModuleFileNameA
GlobalFree
FindNextFileA
GetModuleHandleA
DeleteFileA
GetCurrentProcess
VirtualProtect
QueryPerformanceCounter
InitializeCriticalSection
QueryPerformanceFrequency
IsBadWritePtr
DeleteCriticalSection
GetThreadPriority
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
GetSystemTimeAsFileTime
ExitThread
ResumeThread
CreateThread
ExitProcess
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetCurrentDirectoryA
SetCurrentDirectoryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
SetEndOfFile
GetCurrentProcessId
CreateFileMappingA
GetFileSize
MapViewOfFile
RemoveDirectoryA

shell32

ShellExecuteA
SHGetFolderPathA

winmm

timeGetTime
timeBeginPeriod
mixerGetControlDetailsA
mixerOpen
mixerGetLineControlsA
mixerClose
mixerGetLineInfoA
mixerGetDevCapsA
mixerSetControlDetails
PlaySoundA
timeEndPeriod

wsock32

send
socket
WSACleanup
__WSAFDIsSet
closesocket
inet_ntoa
gethostbyname
WSAGetLastError
connect
ioctlsocket
WSAStartup
select
htons
recv

user32

EmptyClipboard
ReleaseCapture
SystemParametersInfoA
RegisterClassA
PeekMessageA
SetCursor
LoadCursorA
MessageBoxW
CreateWindowExA
MessageBoxA
GetActiveWindow
GetWindowRect
LoadIconA
ScreenToClient
OpenClipboard
EnumWindows
CreateCursor
SetWindowLongA
WindowFromPoint
SetTimer
DialogBoxIndirectParamA
BeginPaint
DestroyCursor
AdjustWindowRect
DestroyWindow
SetClipboardData
TranslateMessage
DispatchMessageA
ShowWindow
DefWindowProcA
GetCursorPos
RegisterWindowMessageA
ChangeDisplaySettingsA
EndDialog
GetWindowTextA
GetClipboardData
EnumDisplaySettingsA
EndPaint
GetDlgItem
GetWindowLongA
SendMessageA
SetWindowTextA
SetForegroundWindow
CloseClipboard
GetMessageA
CreateWindowExW
GetSysColorBrush
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
ShowCaret
GetClientRect
AdjustWindowRectEx
DrawTextExA
OffsetRect
GetSystemMetrics
IsWindowVisible
IsIconic
PostMessageA
DefWindowProcW
SetFocus
GetWindowPlacement
GetDC
FillRect
ReleaseDC
ClientToScreen
GetWindowInfo
SetCapture
MoveWindow

gdi32

CreateCompatibleDC
DeleteObject
TextOutA
SelectObject
DeleteDC
GetTextExtentPoint32A
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
GetTextMetricsA
IntersectClipRect
GetObjectA
GetStockObject
SetTextColor
SetBkMode

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA

ole32

CoInitialize

oleaut32

VariantClear

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ded791f98f829675bd8e6fdb889e2bb

Headers

File Characteristics

Imports

kernel32

shell32

winmm

wsock32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 236KB - Virtual size: 234KB

.data Size: 28KB - Virtual size: 253KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 236KB - Virtual size: 234KB

.data
Size: 28KB - Virtual size: 253KB

.rsrc
Size: 40KB - Virtual size: 36KB