324ae87fa34b76b0afbc7c15a5eaf440N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

324ae87fa34b76b0afbc7c15a5eaf440N.exe
Size

1.0MB
MD5

324ae87fa34b76b0afbc7c15a5eaf440
SHA1

bdf30f4c0e4fce9bf587153b6106e759349bf1ed
SHA256

dbc9c072b3deab9e89d831d69aef94b40ac3f7697649bf7db0a03e519f1765aa
SHA512

2360f8a7b71097c2f50dd54b1bb1a20223718d2f91d735da5fef441b4bc40618e5caf29ee29d7fb8577967e99d946b34a5af7d13531c5aa93a1e50481f8a9887
SSDEEP

12288:5kiOb88wH7JydHPjrdWYFh8O4K427d3kkbV+C2FSK2FVIsIu2/8q2WoV6bZe53YQ:6iOb8rH7sw53

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
324ae87fa34b76b0afbc7c15a5eaf440N.exe

Files

324ae87fa34b76b0afbc7c15a5eaf440N.exe
.exe windows:4 windows x86 arch:x86

bf427a773313379fd8d17e85b4b655c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapFree
CreateThread
ExitThread
HeapSize
GetACP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GetProfileStringA
GetCurrentProcess
SetErrorMode
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
MulDiv
SetLastError
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
CloseHandle
lstrcpyA
GetModuleHandleA
lstrlenA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
SetEvent
ExitProcess
Sleep
IsBadReadPtr
VirtualAlloc
FreeLibrary
VirtualFree
HeapReAlloc
HeapAlloc
LoadLibraryA
GetProcAddress
GetProcessHeap
WriteFile
GetEnvironmentVariableA

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
InflateRect
DestroyMenu
InvalidateRect
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
LoadIconA
SendMessageA
DrawIcon
UnregisterClassA
HideCaret
ShowCaret
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
WinHelpA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
GetWindowRect
GetParent
ClientToScreen
GetSysColor
IsWindow
GetDC
ReleaseDC
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
IsWindowUnicode
CharNextA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
UnhookWindowsHookEx

gdi32

SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_LoadImageA
ord17
ImageList_DrawIndirect
ImageList_GetImageInfo

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 836KB - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf427a773313379fd8d17e85b4b655c0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 80KB - Virtual size: 90KB

.rsrc Size: 836KB - Virtual size: 834KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 80KB - Virtual size: 90KB

.rsrc
Size: 836KB - Virtual size: 834KB