263a22e4067415b82474f16eb146a240N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

263a22e4067415b82474f16eb146a240N.exe
Size

376KB
MD5

263a22e4067415b82474f16eb146a240
SHA1

345dab932e72f654ed37740b0c8fff775bbebf19
SHA256

12129178e9e775c2f041f85cb201cf6a46bb3ea8676aaacc901c1c3d45fab39a
SHA512

2f777e8a07ec862092d35c25da12e1cc2bfb64639d5803909e66b1abf00272503a8d7a1b4de399f76fa2422968dd1835b2ef6f1d9fd9299aab30ec9b0ad1e2a9
SSDEEP

6144:apYMpqZ+F+K1VlXiuuSBr2Pw9O3Zej009z3ZCqNH2Y7XFnfp00ZM6DlfFqQQ6ZPy:apjp9+K1VxiuTr2P2Osj00xZbH2Y7XFi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
263a22e4067415b82474f16eb146a240N.exe

Files

263a22e4067415b82474f16eb146a240N.exe
.exe windows:4 windows x86 arch:x86

09f131a855e028cb8bc2d3f1e4a121e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
GetOpenFileNameA

lmgr8b

ord52
ord244
ord79
ord34
ord33
ord32
ord43
ord45
ord63
ord194
ord59
ord61

sc32w

RNBOcplusFormatPacket
RNBOcplusRead
RNBOcplusInitialize

user32

MessageBeep
GetDC
MessageBoxA
DispatchMessageA
GetMessageA
wsprintfA
GetDlgItemTextA
CheckDlgButton
EndDialog
SetDlgItemTextA
DialogBoxParamA
SetTimer
ReleaseDC
SendMessageA
DefWindowProcA
KillTimer
PostQuitMessage
GetSysColor
LoadIconA
LoadCursorA
RegisterClassA
GetWindowRect
GetClientRect
CreateWindowExA
ShowWindow
SetWindowPos

gdi32

LineTo
DeleteObject
CreateFontIndirectA
SetBkColor
MoveToEx
SelectObject
GetTextMetricsA
GetCharWidthA
TextOutA
SetTextColor
GetStockObject
CreatePen
SetBkMode

kernel32

DeviceIoControl
GetACP
SetConsoleCtrlHandler
LoadLibraryA
CreateFileA
CompareStringW
CompareStringA
SetStdHandle
GetOEMCP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
HeapCreate
HeapDestroy
RtlUnwind
GetProcAddress
GetConsoleMode
SetConsoleMode
GetStartupInfoA
ReadConsoleInputA
GetSystemTime
GetVersion
ResumeThread
SuspendThread
TerminateThread
SetThreadPriority
CreateThread
_lclose
_lread
OpenFile
_lwrite
SetProcessWorkingSetSize
OpenProcess
GetCurrentProcessId
GetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
CloseHandle
GetLastError
ReadFile
WriteFile
GetModuleFileNameA
GetFileAttributesA
GetFileType
SetErrorMode
Sleep
GetVersionExA
GetLocalTime
GetModuleHandleA
GetTempFileNameA
UnhandledExceptionFilter
MultiByteToWideChar
SetLastError
GetCommandLineA
RaiseException
GetStdHandle
SetEndOfFile
SetFilePointer
FormatMessageA
DebugBreak
FreeLibrary
GetCurrentThread
DeleteFileA
VirtualQuery
MapViewOfFile
CreateFileMappingA
CreateProcessA
FlushFileBuffers
GetTempPathA
GetFullPathNameA
GetFileInformationByHandle
VirtualAlloc
VirtualFree
TerminateProcess
WaitForSingleObject
HeapAlloc
ExitProcess
HeapReAlloc
HeapFree
GetTimeZoneInformation

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f131a855e028cb8bc2d3f1e4a121e3

Headers

File Characteristics

Imports

comdlg32

lmgr8b

sc32w

user32

gdi32

kernel32

advapi32

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 44KB - Virtual size: 167KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 44KB - Virtual size: 167KB

.rsrc
Size: 8KB - Virtual size: 6KB