1612c15ebaf12a6fb4fb2dbc3f4bccd0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1612c15ebaf12a6fb4fb2dbc3f4bccd0N.exe
Size

2.4MB
MD5

1612c15ebaf12a6fb4fb2dbc3f4bccd0
SHA1

5f18a15259b5894206cb54717f9f8852a492ee59
SHA256

550b4a1f7b2fd3648723e714d33b6056b3a1e4785962794cad0ceeb8d5e5dde1
SHA512

58a1e3b9395e5a455e320fa3c6186892f51f8502f59e021a7ee53ad5c89cd8a8bb07f38356c1f5b8520cebe36bf15839e2bbe27695fe622a4be59ad07b5b7afb
SSDEEP

49152:Tmrox6UMNGOK+AmNYWLOJOvACJT8UbwYEb8A2eC250J+:x3MNGOdOvgqdYEYAFC2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1612c15ebaf12a6fb4fb2dbc3f4bccd0N.exe

Files

1612c15ebaf12a6fb4fb2dbc3f4bccd0N.exe
.exe windows:5 windows x86 arch:x86

a362d898d8bd7bd8eaf96f51eeabffb5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\WinMount\WinMount3_new_interface31\bin\WinMount.pdb

Imports

kernel32

GetConsoleOutputCP
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
CreateThread
HeapReAlloc
ExitProcess
RaiseException
RtlUnwind
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetFileTime
GetFileSizeEx
LocalSize
OpenProcess
LoadLibraryExW
LoadLibraryExA
EnumResourceTypesW
EnumResourceNamesW
GetExitCodeThread
TerminateThread
ResetEvent
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
lstrlenA
GlobalGetAtomNameW
CreateEventW
SetEvent
ResumeThread
SetThreadPriority
GetModuleHandleA
GetTickCount
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FormatMessageW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
MultiByteToWideChar
GetVersionExA
FreeResource
GetVersion
LocalUnlock
LocalLock
MulDiv
WriteFile
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
OutputDebugStringW
lstrcmpW
SetFilePointer
ReadFile
CreateFileW
DeleteFileW
FreeConsole
GetStdHandle
WriteConsoleW
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
GetCurrentProcess
GetCurrentThread
ExpandEnvironmentStringsW
GetFileAttributesW
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
lstrcpynW
GetLongPathNameW
GetPrivateProfileIntW
lstrcmpiW
FindClose
FindNextFileW
FindFirstFileW
GetModuleHandleW
SetLastError
GetCurrentDirectoryW
OpenFileMappingW
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetLastError
CreateMutexW
GetVersionExW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
WinExec
GetModuleFileNameA
GetCommandLineW
GetProcAddress
LoadLibraryW
CreateProcessW
lstrcpyW
CloseHandle
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
lstrcatW
WritePrivateProfileStringW
WriteConsoleA

user32

RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
LockWindowUpdate
GetDCEx
WindowFromPoint
UnregisterClassW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
IsWindowVisible
CreateMenu
DestroyWindow
PostQuitMessage
GetClassInfoW
TranslateMessage
MapWindowPoints
PeekMessageW
CreateDialogIndirectParamW
GetWindow
GetAsyncKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowTextW
WinHelpW
SetWindowTextW
SetWindowPos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
CheckDlgButton
EnableMenuItem
GetClassInfoExW
CreateWindowExW
GetScrollPos
SetScrollPos
SetMenu
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
WaitMessage
UnionRect
SetParent
wsprintfW
EnableWindow
SendMessageW
IsWindow
GetWindowRect
SetForegroundWindow
LoadCursorW
GetFocus
SetFocus
IsZoomed
GetClientRect
MoveWindow
ShowWindow
SetWindowsHookExW
SendDlgItemMessageA
IsDialogMessageW
SendDlgItemMessageW
LoadMenuW
CreatePopupMenu
GetMenuItemCount
GetMenuStringW
GetMenuItemID
InsertMenuW
GetSubMenu
DestroyMenu
GetSystemMetrics
IsIconic
LoadIconW
PostMessageW
SystemParametersInfoW
RegisterWindowMessageW
BringWindowToTop
GetWindowDC
OffsetRect
FrameRect
ReleaseDC
MessageBoxW
CheckMenuItem
GetMenuState
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
RegisterClipboardFormatW
GetWindowThreadProcessId
MapDialogRect
SetWindowContextHelpId
TabbedTextOutW
DrawTextExW
GrayStringW
ClientToScreen
GetDC
ValidateRect
ShowOwnedPopups
TranslateAcceleratorW
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
GetMenuItemInfoW
GetKeyNameTextW
MapVirtualKeyW
GetSysColorBrush
DeleteMenu
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
CharUpperW
PtInRect
GetSystemMenu
GetParent
CharUpperBuffW
SetRectEmpty
DrawIconEx
GetCursorPos
LoadBitmapW
GetSysColor
RedrawWindow
KillTimer
SetTimer
InvalidateRect
UpdateWindow
SetCursor
GetMessagePos
ScreenToClient
CopyRect
SetRect
DrawFrameControl
GetClassNameW
SetWindowLongW
FillRect
GetDlgItem
DestroyIcon
LoadStringW
GetDialogBaseUnits
EndPaint
GetWindowLongW
DrawIcon
BeginPaint
MessageBeep
GetLastActivePopup
GetActiveWindow
InflateRect
DispatchMessageW
ReleaseCapture
GetMessageW
SetCapture
GetCapture
IsChild
DrawTextW
DrawStateW
IsClipboardFormatAvailable
DrawFocusRect
GetMenuDefaultItem
GetWindowRgn
IsMenu
ShowCaret
HideCaret
InvertRect
GetIconInfo
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
LoadImageW
SetWindowRgn
LookupIconIdFromDirectoryEx
GetCursor
SetCursorPos
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList
IsCharLowerW
MapVirtualKeyExW
GetKeyboardLayout
SetClassLongW
SetWindowLongA
GetWindowLongA
IsWindowUnicode
SendMessageTimeoutW
GetDoubleClickTime
DrawEdge
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
DrawMenuBar
SetMenuDefaultItem
GetTabbedTextExtentA
TranslateMDISysAccel

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
PolyBezierTo
ExtSelectClipRgn
GetPixel
SelectPalette
GetObjectType
CreatePen
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthW
GetViewportExtEx
StretchDIBits
CreatePatternBrush
GetWindowExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
MoveToEx
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
Polygon
SetPixel
GetCurrentObject
CreateDIBSection
PtInRegion
GetDIBits
GetWindowOrgEx
CreatePolygonRgn
RoundRect
EnumFontFamiliesExW
GetBitmapBits
ExtCreateRegion
Polyline
GetViewportOrgEx
OffsetRgn
GetTextCharsetInfo
SetBrushOrgEx
CreatePalette
CreateDIBitmap
Ellipse
GetTextAlign
GetTextExtentPoint32A
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
DeleteDC
SelectObject
CreateDCW
CreateCompatibleBitmap
GetTextExtentPoint32W
CreateRectRgnIndirect
LineTo
BitBlt
DeleteObject
GetObjectW
CreateSolidBrush
CreateCompatibleDC
StretchBlt
GetStockObject
CreateFontW
CreateFontIndirectW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

FreeSid
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
Shell_NotifyIconW
SHCreateDirectoryExW
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
SHChangeNotify
ShellExecuteExW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_Destroy
FlatSB_GetScrollProp

shlwapi

PathIsUNCW
PathStripToRootW
StrCmpNIW
PathAddBackslashW
PathFileExistsW
PathFindFileNameA
PathFindExtensionW
StrCmpIW
PathAppendW
PathFindFileNameW

oledlg

OleUIBusyW
OleUIAddVerbMenuW

ole32

StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicturePath
SafeArrayDestroy
OleCreateFontIndirect
LoadTypeLi
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString

gdiplus

GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRect
GdipCloneImage
GdipCreateBitmapFromStream
GdipDisposeImage
GdipFree
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipAlloc

winmm

PlaySoundW

imagehlp

ImageDirectoryEntryToData

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a362d898d8bd7bd8eaf96f51eeabffb5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

winmm

imagehlp

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 335KB - Virtual size: 335KB

.data Size: 32KB - Virtual size: 52KB

.rsrc Size: 588KB - Virtual size: 588KB

.reloc Size: 153KB - Virtual size: 153KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 335KB - Virtual size: 335KB

.data
Size: 32KB - Virtual size: 52KB

.rsrc
Size: 588KB - Virtual size: 588KB

.reloc
Size: 153KB - Virtual size: 153KB