191ef5c17a4a08c01191cadb403020c0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

191ef5c17a4a08c01191cadb403020c0N.exe
Size

2.7MB
MD5

191ef5c17a4a08c01191cadb403020c0
SHA1

137fb87c7d32dcf9dec5d12371ab0aaaa0cea911
SHA256

0adb337a5211ba673bcc7bca402940d78d7be417508e2df01e838f144f872f89
SHA512

dd16d5b14298ad19f53f570d11cfd3c3e6aaf9e93cbd32d158a0e2370e612621373539dd7bf183b2fedff9efc842362a76dd9519eeb1c7b29a742a524a80630f
SSDEEP

24576:I71jrAZ+pn07mEMC2xZm6fAfhK3Hwi+1Jaa8S2UDUtVr8:IZO+KRQE8pUDsVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
191ef5c17a4a08c01191cadb403020c0N.exe

Files

191ef5c17a4a08c01191cadb403020c0N.exe
.exe windows:4 windows x86 arch:x86

c767663f726871e69dd9a06fd8cf7dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

Netbios

wsock32

select
getsockopt
ioctlsocket
gethostbyname
htons
WSAStartup
socket
inet_ntoa
closesocket
WSACleanup
send
recv
connect
WSAGetLastError

kernel32

GetStringTypeA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
CompareStringW
CompareStringA
GetTimeZoneInformation
HeapSize
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
SetEnvironmentVariableA
GetCommandLineA
GlobalFree
GlobalAlloc
GlobalReAlloc
GetStringTypeW
LocalFree
FormatMessageA
MapViewOfFile
GetLastError
CreateFileMappingA
CloseHandle
WaitForSingleObject
OpenProcess
GetProcAddress
LoadLibraryA
GetVersion
GetComputerNameA
GetVersionExA
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleA
FreeLibrary
TerminateProcess
GetTickCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableW
CreateMutexA
QueryPerformanceCounter
HeapCreate
HeapDestroy
InterlockedDecrement
GetFileType
SetFilePointer
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
ReadFile
SetEndOfFile
Sleep
InterlockedExchange
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
SystemTimeToFileTime
GetLocalTime
FileTimeToLocalFileTime
ReleaseMutex
VirtualQuery
GetStdHandle
IsDebuggerPresent
GetThreadLocale
SetEvent
CreateEventA
ExitThread
InitializeCriticalSection
CreateThread
DeleteCriticalSection
TerminateThread
VirtualFree
VirtualAlloc
SetLastError
DeleteFileA
SetThreadPriority
CreateProcessA
GetFileInformationByHandle
CreateFileA
GetTempFileNameA
GetTempPathA
GetFullPathNameA
GetACP
SetErrorMode
SetConsoleCtrlHandler
FlushFileBuffers
GetExitCodeProcess
GetSystemDirectoryA
HeapFree
HeapAlloc
GetProcessHeap
ExitProcess
MultiByteToWideChar
GetDriveTypeA
WideCharToMultiByte
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
ResumeThread
GetTimeFormatA
GetDateFormatA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
SetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
InterlockedIncrement

user32

MessageBoxA

advapi32

RegQueryValueExA
RegCloseKey
LookupAccountNameA
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
RegOpenKeyExA

imagehlp

StackWalk
SymInitialize
SymCleanup

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c767663f726871e69dd9a06fd8cf7dda

Headers

File Characteristics

Imports

netapi32

wsock32

kernel32

user32

advapi32

imagehlp

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 240KB - Virtual size: 237KB

.data Size: 1.0MB - Virtual size: 5.8MB

_RDATA Size: 4KB - Virtual size: 48B

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 240KB - Virtual size: 237KB

.data
Size: 1.0MB - Virtual size: 5.8MB

_RDATA
Size: 4KB - Virtual size: 48B