23fd6ec2a5c5243246ebee4177d4f0f0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

23fd6ec2a5c5243246ebee4177d4f0f0N.exe
Size

3.0MB
MD5

23fd6ec2a5c5243246ebee4177d4f0f0
SHA1

0ea7e385076cc53e86e6a90e3cc6ba45175a6b44
SHA256

558daee15c501bfc57d75ee81768de61e1d35e595e3b3574c9d913944392f757
SHA512

47df7f6d1fb22095960da1187e0613436290d0ec9e6ab9fd0031b0c12fc2ddd366ee0e52dd34ab1812c695adaa54779198ab942b316423db959578d6338a8452
SSDEEP

49152:JAO1WDU/Y5uZYQj284gGSk8vUHzBwDLkvSVmpEv0soD+GVRQkQ/qoLEw:ZrNXXdk8MNckvnsoDbyqo4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23fd6ec2a5c5243246ebee4177d4f0f0N.exe

Files

23fd6ec2a5c5243246ebee4177d4f0f0N.exe
.exe windows:4 windows x86 arch:x86

4059da174bb7b2b8bee44c3a4adc2681

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\graph\x86\ship\0\graph.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

gdi32

DeleteObject
SelectObject
CreateFontIndirectW
GetNearestColor
GetStockObject
CreateSolidBrush
SetWindowExtEx
SetViewportExtEx
SetWindowOrgEx
DPtoLP
LPtoDP
SetMapMode
GetTextMetricsW
SetTextColor
SetBkColor
SaveDC
RestoreDC
ExcludeClipRect
IntersectClipRect
GetClipBox
GetPaletteEntries
GetNearestPaletteIndex
GetTextFaceW
SetBkMode
SetROP2
SetBrushOrgEx
CreateCompatibleBitmap
GetObjectW
GetDIBits
GetBkColor
GetTextColor
EnumFontFamiliesW
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetRgnBox
CombineRgn
SetRectRgn
CreatePatternBrush
SetBitmapBits
CreateDIBPatternBrush
BitBlt
CreateBitmap
CreateBrushIndirect
CreateHatchBrush
CreatePen
ExtCreatePen
DeleteMetaFile
DeleteEnhMetaFile
MoveToEx
GetCurrentPositionEx
LineTo
PatBlt
Polygon
Ellipse
Arc
Pie
GetWindowOrgEx
DeleteDC
CreateCompatibleDC
StretchBlt
CreatePolygonRgn
Escape
CreateRectRgn
CreateRectRgnIndirect
SetMetaFileBitsEx
GetWinMetaFileBits
GetEnhMetaFileHeader
SetWinMetaFileBits
GetMetaFileBitsEx
GdiComment
SetPixel
GetPixel
GetBitmapBits
Polyline
GdiFlush
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
SetDIBits
CreateDIBSection
RoundRect
Rectangle
OffsetRgn
CreateRoundRectRgn
GetTextExtentPointA
GetCharWidthA
SetTextAlign
GetTextAlign
GetCurrentObject
SetMapperFlags
EnumObjects
StretchDIBits
SetStretchBltMode
ExtEscape
CreateICW
InvertRgn
GetEnhMetaFileBits
SetEnhMetaFileBits
GetObjectType
CopyEnhMetaFileW
CopyMetaFileW
CreateDIBitmap
GetOutlineTextMetricsW
ExtTextOutW
ExtTextOutA
UnrealizeObject
GetTextCharsetInfo
SelectClipRgn
GetDeviceCaps
EnumFontsW
GetCharacterPlacementA
CreateFontA
GetTextMetricsA

kernel32

GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCurrentProcessId
GetUserDefaultLCID
GetVersionExA
GetCurrentThreadId
GetSystemDefaultLCID
MulDiv
GlobalFree
GetVersionExW
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
IsDBCSLeadByteEx
GetACP
GetFileSize
GlobalSize
GetVolumeInformationW
LockFile
UnlockFile
GetCurrentDirectoryW
MoveFileW
DeleteFileW
SetFilePointer
SetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
WriteFile
SearchPathW
CloseHandle
ReadFile
GlobalReAlloc
SetEnvironmentVariableW
SetCurrentDirectoryW
GetTickCount
LoadResource
FindResourceW
GetLocalTime
FreeLibrary
LCMapStringW
GetStringTypeW
GetOEMCP
Sleep
GlobalCompact
GetWindowsDirectoryW
LoadLibraryExW
IsValidCodePage
VirtualFree
VirtualAlloc
GetSystemTime
LoadLibraryA
LockResource
SizeofResource
SetErrorMode
EnumCalendarInfoW
GetFullPathNameW
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
IsBadWritePtr
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
SystemTimeToTzSpecificLocalTime
lstrcmpW
LocalAlloc
LocalFree
GetLocaleInfoW
InitializeCriticalSection
DeleteCriticalSection
RaiseException
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetSystemDirectoryA
GetStringTypeExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetTempPathA
GetTempFileNameA
CreateProcessA
GetSystemTimeAsFileTime
VirtualProtect
FormatMessageA
GetSystemDirectoryW
LoadLibraryW
GetVersion

ole32

CoRevokeClassObject
ReadClassStg
CoGetMalloc
CoFreeUnusedLibraries
OleTranslateAccelerator
GetRunningObjectTable
CreateStreamOnHGlobal
CoRegisterClassObject
CreateOleAdviseHolder
OleQueryCreateFromData
CoUninitialize
CoRegisterMessageFilter
GetHGlobalFromILockBytes
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
OleCreateLinkFromData
WriteFmtUserTypeStg
CreateBindCtx
MkParseDisplayName
OleLoad
ProgIDFromCLSID
OleSave
OleIsRunning
OleFlushClipboard
CoDisconnectObject
OleGetIconOfClass
CreateItemMoniker
ReleaseStgMedium
WriteClassStg
StgIsStorageFile
CoCreateInstance
ReadClassStm
OleRegGetUserType
CreateDataAdviseHolder
CoLockObjectExternal
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoTaskMemFree
CoInitialize
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleQueryLinkFromData

user32

SetCapture
ReleaseCapture
GetCapture
SetFocus
EnableWindow
IsWindowEnabled
UpdateWindow
DispatchMessageW
FlashWindow
GetClassLongW
GetFocus
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetParent
ClientToScreen
GetUpdateRect
UnionRect
AdjustWindowRectEx
ShowCaret
HideCaret
RegisterClassExW
BeginPaint
IsWindowVisible
GetSystemMenu
GetScrollInfo
PeekMessageW
GetActiveWindow
IsChild
DestroyWindow
IsWindow
InSendMessage
VkKeyScanW
GetClassNameW
GetQueueStatus
GetKeyState
GetAsyncKeyState
GetInputState
SetTimer
KillTimer
PostQuitMessage
GetCursorPos
MapVirtualKeyW
TranslateMessage
WaitMessage
RegisterClipboardFormatW
SetCursor
ShowCursor
MessageBeep
GetWindowThreadProcessId
EnumDisplayMonitors
CreateMenu
DestroyMenu
DrawMenuBar
GetMenuItemID
GetMenuItemCount
GetSubMenu
EnableMenuItem
SetScrollPos
CallWindowProcW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollInfo
GetWindowWord
SetWindowWord
EnumThreadWindows
CloseClipboard
EmptyClipboard
SetCaretPos
SetClipboardData
GetClipboardData
OpenClipboard
GetClipboardOwner
IsClipboardFormatAvailable
CreateCaret
DestroyCaret
GetCaretPos
RegisterWindowMessageA
GetMessageExtraInfo
OffsetRect
InflateRect
GetKeyboardLayout
CloseDesktop
GetUserObjectInformationW
OpenInputDesktop
GetThreadDesktop
IsCharUpperW
SetWindowTextA
IsWindowUnicode
DispatchMessageA
CallNextHookEx
GetMessageTime
RegisterWindowMessageW
IsZoomed
MoveWindow
SetParent
PostMessageW
GetMenu
GetMessageW
SetKeyboardState
GetKeyboardState
SetCursorPos
DrawFocusRect
CharUpperBuffW
GetIconInfo
GetCursor
WindowFromPoint
DefWindowProcW
GetKeyboardLayoutList
DrawIcon
MessageBoxW
SetActiveWindow
MapWindowPoints
DestroyAcceleratorTable
GetDesktopWindow
GetDoubleClickTime
MessageBoxA
MonitorFromWindow
MonitorFromPoint
MonitorFromRect
GetMonitorInfoW
IsRectEmpty
IntersectRect
SetWindowsHookExW
UnhookWindowsHookEx
PtInRect
GetSystemMetrics
LoadCursorW
LoadIconW
GetDC
ReleaseDC
CreateWindowExW
RegisterClassW
GetWindowLongW
GetWindow
IsIconic
GetWindowPlacement
SetWindowPlacement
SetWindowLongW
GetClientRect
FillRect
SendMessageW
GetSysColor
SystemParametersInfoW
GetWindowRect
ScreenToClient
SetWindowPos
DeferWindowPos
ShowWindow
SetForegroundWindow
UnregisterClassA
ValidateRect
InvalidateRgn
GetUpdateRgn
EndPaint
InvalidateRect
EnumClipboardFormats
SetRect

msvcr80

_CxxThrowException
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_invoke_watson
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
_except_handler4_common
fopen_s
fwprintf_s
fclose
vsprintf_s
wcscpy_s
vswprintf_s
wcsrchr
free
tolower
toupper
printf
_controlfp_s
_seh_longjmp_unwind4
memcpy
longjmp
_setjmp3
memmove
memset
exit

winspool.drv

ord203

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 672KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4059da174bb7b2b8bee44c3a4adc2681

Headers

File Characteristics

PDB Paths

Imports

advapi32

gdi32

kernel32

ole32

user32

msvcr80

winspool.drv

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.data Size: 119KB - Virtual size: 670KB

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 672KB - Virtual size: 676KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 119KB - Virtual size: 670KB

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 672KB - Virtual size: 676KB