7be2e7f98a9ad52a3b292d8aa8d2d1e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7be2e7f98a9ad52a3b292d8aa8d2d1e0N.exe
Size

1.8MB
MD5

7be2e7f98a9ad52a3b292d8aa8d2d1e0
SHA1

2a606a7104c6dd3cb6eef1c1e60bc96a5f3538fa
SHA256

aa773599a4d4dd61530396dc1cc02155c949bf84fe41d61c4d5bcd153b2a85b5
SHA512

5db4562b43ae1100baa45023b1a231c194c756c398b8b1a6c406b8fed2b13580d9c4d77d3dc184e42e12fd2a5ffbae7848f8bdebd67d190626fba607088c0153
SSDEEP

24576:s3v2uirkqegi2XEUhNPNtEY1soxTh32ORIDkiGL9Mx8eEQLrznbqsD5vdQLmr1KD:sfHpqdlXT29YBMx8VGBqFeg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7be2e7f98a9ad52a3b292d8aa8d2d1e0N.exe

Files

7be2e7f98a9ad52a3b292d8aa8d2d1e0N.exe
.exe windows:4 windows x86 arch:x86

c340aea4bb3658997147cc12288759ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
CreateServiceA
QueryServiceStatus
ControlService
StartServiceA
OpenServiceA
DeleteService

kernel32

SetLastError
LocalFree
GetFileAttributesA
GetLastError
DeleteFileA
LoadLibraryA
WideCharToMultiByte
CopyFileA
SetFileAttributesA
GetSystemDirectoryA
lstrcpyA
GetModuleHandleA
OpenFile
lstrlenA
GetWindowsDirectoryA
RemoveDirectoryA
WriteFile
CloseHandle
ReadFile
LocalAlloc
CreateFileA
GlobalAlloc
Sleep
FindClose
FindFirstFileA
MoveFileA
CreateDirectoryA
DeviceIoControl
GetVersion
OpenProcess
TerminateProcess
GlobalFree
LocalReAlloc
GetCurrentProcessId
WaitForSingleObject
SetEvent
GetVersionExA
GetModuleFileNameA
GetProcAddress
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetCurrentProcess
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
FreeLibrary
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventA
GetSystemTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA

user32

RegisterClassA
DefWindowProcA
PostQuitMessage
MessageBoxA
DialogBoxParamA
EndDialog
SendMessageA
GetDlgItem
GetKeyboardType
EnumWindows
LoadCursorA
LoadIconA
IsWindowVisible
EndPaint
PeekMessageA
SendMessageCallbackA
SetForegroundWindow
FindWindowA
UpdateWindow
ShowWindow
DestroyWindow
SystemParametersInfoA
CreateWindowExA
BeginPaint
GetParent
GetWindowTextA
GetWindowThreadProcessId

gdi32

TextOutA
SetBkColor

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.5MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c340aea4bb3658997147cc12288759ca

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

version

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 1.5MB - Virtual size: 1.6MB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 1.5MB - Virtual size: 1.6MB

.rsrc
Size: 72KB - Virtual size: 72KB