07c77a4b1eab8d5ffb7d7fe49a373300N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

07c77a4b1eab8d5ffb7d7fe49a373300N.exe
Size

192KB
MD5

07c77a4b1eab8d5ffb7d7fe49a373300
SHA1

ac871cb7522c283536feed9aca02db522955350b
SHA256

e5bb00d10a5f6362b0c05083b9e4578d30ae60ed3c325ef303ffbdf86ec49f48
SHA512

a40d4297b8019a4021f764ce72feb8f2c0dd3f3c8e3139330742b8e5298b56b515f339ab2826fe80ef4da78fab657a7353a6c32adb153671b89d87d2b0381d02
SSDEEP

3072:TO/coGiXPliuAjGVX+8dA5o1rYoOehJxzY:yeWyyVrA+txz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c77a4b1eab8d5ffb7d7fe49a373300N.exe

Files

07c77a4b1eab8d5ffb7d7fe49a373300N.exe
.dll windows:4 windows x86 arch:x86

5c6d0485514e775f0f380122d5bbe84e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetOEMCP
RaiseException
HeapAlloc
HeapFree
GetACP
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCPInfo
CloseHandle
LoadLibraryA
FreeLibrary
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetVersion
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GlobalFlags
lstrcmpiA
lstrcmpA
GetLastError
SetLastError
GlobalFree
GlobalAlloc
lstrcpyA
lstrcpynA
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GlobalLock
GlobalUnlock
lstrlenA
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
WaitForSingleObject
GetExitCodeThread
CreateThread
ExitThread
GetCommandLineA
DeleteFileA

user32

DispatchMessageA
PeekMessageA
MapWindowPoints
LoadIconA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowPos
SetWindowLongA
GetDlgItem
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetSystemMetrics
PostMessageA
GetMenuItemID
GetSubMenu
GetMenuStringA
GetMenuItemCount
GetMenu
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
SetFocus
RemovePropA
AdjustWindowRectEx
GetWindowTextA
GetMenuState
LoadStringA
GetClassNameA
GetWindowLongA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
SendMessageA
GetFocus
GetParent

oleaut32

VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantClear

comctl32

ord17

gdi32

DeleteObject
RestoreDC
SelectObject
GetStockObject
SaveDC
DeleteDC
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

ole32

CoUninitialize
CoInitialize
CoGetClassObject

Exports

Exports

GetFileRecordCount
GetFileRecordsCounted
GetSuppFileName
GetTotalRecordCount
GetTotalRecordsCounted
RegisterSuppMsgReceiver
SuppMaintCancel
SuppMaintGetExitCode
SuppMaintStart
SuppMaintStartTreaded

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GLOBALS
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c6d0485514e775f0f380122d5bbe84e

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

comctl32

gdi32

winspool.drv

ole32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 32KB

.GLOBALS Size: 4KB - Virtual size: 316B

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 32KB

.GLOBALS
Size: 4KB - Virtual size: 316B

.reloc
Size: 20KB - Virtual size: 16KB