Static task
static1
Behavioral task
behavioral1
Sample
c9d918652bd3335050faff7d3d110e50N.exe
Resource
win7-20240705-en
General
Target
c9d918652bd3335050faff7d3d110e50N.exe
Size
3.0MB
MD5
c9d918652bd3335050faff7d3d110e50
SHA1
87246b9980d4275116591ccc11bc558b34d87fe4
SHA256
d34da0bb9a512c6ff875b451995f325dd7698519c54fcec60c8e7314dcd99aa3
SHA512
c7d7e07273660aa3e43ce83f6d128e5a4d251563ab5fb02853412b6296069c4db8217decffd58bf2bca2266e04e692a5d07dac48dd0d6b5a1098f730eb392069
SSDEEP
98304:ftNZXdTCXiuizwR+PTXtAkg+QYszCLgob4HW9HBbE3Xc:1NZXodgSkZsYzb4HW9Hc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c9d918652bd3335050faff7d3d110e50N.exe
Files
c9d918652bd3335050faff7d3d110e50N.exe.exe windows:5 windows x86 arch:x86
7f9d8596f75413a2bebde9bef3c213a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
tapi32
lineOpenW
lineInitialize
lineNegotiateAPIVersion
lineMakeCallW
lineGetDevCapsW
lineGetIDW
lineTranslateAddressW
lineClose
lineShutdown
lineGetCallStatus
lineDeallocateCall
lineDrop
kernel32
VirtualQuery
HeapQueryInformation
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
SizeofResource
LockResource
LoadResource
ExitThread
FindResourceW
MultiByteToWideChar
lstrcmpW
HeapFree
GetProcessHeap
HeapAlloc
WideCharToMultiByte
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessW
GetFileAttributesW
DeleteFileW
SetFileAttributesW
CopyFileW
Sleep
GetModuleFileNameW
VirtualAlloc
GetCurrentProcessId
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
GetWindowsDirectoryW
GetShortPathNameW
MoveFileExW
GetTickCount
GlobalFree
GlobalUnlock
GlobalLock
HeapReAlloc
GetCPInfo
ExitProcess
GetDiskFreeSpaceA
DecodePointer
EncodePointer
RaiseException
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetNumberFormatW
SetErrorMode
lstrcpyW
GetSystemDirectoryW
GlobalFlags
GetDiskFreeSpaceW
ReplaceFileW
ReleaseMutex
CreateMutexW
GetFileTime
GetFileSizeEx
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
GetFullPathNameW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalAlloc
GetFileType
SetStdHandle
OpenProcess
CreateThread
InterlockedCompareExchange
SetFilePointer
MoveFileW
LocalFree
FormatMessageW
GetLocaleInfoW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
SuspendThread
ResumeThread
lstrcmpA
ConvertDefaultLocale
CompareStringA
LoadLibraryExW
InterlockedExchange
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FreeResource
ReleaseActCtx
CreateActCtxW
ActivateActCtx
DeactivateActCtx
GlobalSize
MulDiv
GlobalMemoryStatus
GetVolumeInformationW
GlobalMemoryStatusEx
LocalAlloc
GetCurrentProcess
GetCurrentThread
SetThreadAffinityMask
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemDefaultUILanguage
GetCommModemStatus
ReadFile
SetCommState
ClearCommError
GetOverlappedResult
GetCommState
SetCommTimeouts
WaitForMultipleObjects
lstrlenW
GetCurrentDirectoryW
GetUserDefaultLCID
GetUserGeoID
GetGeoInfoW
GetPrivateProfileStringW
SetLastError
CreateDirectoryW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
LoadLibraryA
GetProfileIntW
SearchPathW
ResetEvent
GetCurrentThreadId
CreateEventW
SetEvent
GetSystemInfo
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
GetUserDefaultUILanguage
user32
SetWindowRgn
PostThreadMessageW
WindowFromPoint
KillTimer
SetTimer
UnionRect
SetParent
GetSystemMenu
DeleteMenu
MapVirtualKeyW
GetKeyNameTextW
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
UnregisterClassW
RealChildWindowFromPoint
GetSysColorBrush
DestroyCursor
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
GetMenuItemInfoW
InflateRect
CharUpperW
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
GetMessageW
GetCursorPos
ShowOwnedPopups
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyIcon
LoadAcceleratorsW
IsIconic
InsertMenuItemW
IntersectRect
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
CreateMenu
IsWindowVisible
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
CopyRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
EndDialog
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetSubMenu
AdjustWindowRectEx
LoadImageW
PostMessageW
LoadIconW
DrawIcon
SetRect
GetTabbedTextExtentW
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
DrawIconEx
DestroyAcceleratorTable
SetClassLongW
DrawStateW
DrawEdge
DrawFrameControl
ToUnicodeEx
GetKeyboardLayout
SetFocus
ShowScrollBar
GetAsyncKeyState
OffsetRect
GetKeyState
GetWindowRect
RemoveMenu
GetMenuItemCount
AppendMenuW
CreatePopupMenu
ShowCaret
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
IsClipboardFormatAvailable
WaitMessage
SetClipboardData
CreateCaret
GetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
OpenClipboard
GetSystemMetrics
RedrawWindow
DrawFocusRect
LoadCursorW
SetCursor
GetNextDlgGroupItem
GetNextDlgTabItem
SystemParametersInfoW
SetProcessDefaultLayout
UpdateWindow
ReleaseCapture
SetCapture
PtInRect
MessageBeep
ReleaseDC
GetDC
LoadBitmapW
GetClientRect
MessageBoxW
TranslateMessage
DispatchMessageW
GetWindowLongW
SetWindowLongW
SendMessageW
SetForegroundWindow
GetTopWindow
SetActiveWindow
GetSysColor
GetWindow
PeekMessageW
PostQuitMessage
IsChild
InvalidateRect
EnableWindow
TranslateMDISysAccel
SetMenuDefaultItem
FrameRect
GetUpdateRect
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
GetScrollPos
GetWindowRgn
DestroyMenu
gdi32
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
IntersectClipRect
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
EnumFontFamiliesW
GetTextCharsetInfo
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetWindowOrgEx
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
SetDIBColorTable
SetPixel
OffsetRgn
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetClipBox
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateFontW
GetCharWidthW
GetTextMetricsW
SelectObject
SetBkColor
SetTextColor
CreateBitmap
CopyMetaFileW
EnumFontFamiliesExW
CreateCompatibleBitmap
Rectangle
GetCurrentObject
CreateSolidBrush
DeleteObject
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
GetDeviceCaps
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
CreateDIBitmap
StretchBlt
CreateCompatibleDC
CreatePalette
GetStockObject
RealizePalette
CreateDCW
SetRectRgn
DeleteDC
ExtEscape
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
EnumPrintersW
advapi32
InitializeAcl
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
ConvertSidToStringSidW
RegEnumValueW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegGetKeySecurity
GetSecurityDescriptorDacl
AllocateAndInitializeSid
GetLengthSid
RegCloseKey
FreeSid
GetSecurityDescriptorLength
InitializeSecurityDescriptor
GetAce
EqualSid
AddAce
AddAccessAllowedAce
IsValidAcl
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
RegSetKeySecurity
shell32
SHGetDesktopFolder
ExtractIconW
SHBrowseForFolderW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetFolderPathAndSubDirW
ShellExecuteW
SHGetSpecialFolderLocation
SHAppBarMessage
comctl32
ord17
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CoInitializeEx
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
ReleaseStgMedium
StringFromCLSID
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
DoDragDrop
OleGetClipboard
CreateStreamOnHGlobal
CoLockObjectExternal
CoTaskMemAlloc
oleaut32
SysAllocString
LoadTypeLi
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCopy
SafeArrayLock
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantCopy
SafeArrayGetVartype
SysStringLen
SysFreeString
VariantInit
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayUnlock
oledlg
OleUIBusyW
msvfw32
DrawDibClose
DrawDibOpen
DrawDibDraw
DrawDibRealize
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
rpcrt4
UuidCreate
UuidToStringW
RpcStringFreeW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet
InternetCrackUrlW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 517KB - Virtual size: 516KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 688KB - Virtual size: 692KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE