2daa8361cf15a9fbd767628a3d060780N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2daa8361cf15a9fbd767628a3d060780N.exe
Size

1.0MB
MD5

2daa8361cf15a9fbd767628a3d060780
SHA1

2c418ac5b93ef449ce54e10b67395d9a0a85090f
SHA256

9ee78fa98621497ec98cd716093129d902ed6c8b009fec90964ccc59d0a4772e
SHA512

42582159cc60739fd15219505fcd9fd979440c24126ca9f453592dba39721f8bbc2abf1d60c2f5685c0beee1e454c573406aa1d9f1d416c5c9e841bdafbc1330
SSDEEP

12288:3L1HMvclfxbx+GjrYfvGvkrgZNu/khxG4qHR/e+FzHM+QpSsMiypTD:1M0VNx+GPYfPM84qHRJBQpSsMiOT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2daa8361cf15a9fbd767628a3d060780N.exe

Files

2daa8361cf15a9fbd767628a3d060780N.exe
.exe windows:5 windows x86 arch:x86

788e6315905ab16d26d6bc835a477ee4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW

wininet

InternetSetOptionW
HttpOpenRequestW
InternetCloseHandle

rpcrt4

UuidCreateSequential

iphlpapi

GetAdaptersInfo

kernel32

WaitForSingleObject
GetFileType
FindClose
CloseHandle
GetTickCount
PeekNamedPipe
LoadLibraryW
GetModuleHandleW
GetTempPathW
CreateFileW
FindFirstFileW
FindNextFileW
WideCharToMultiByte
GetLocaleInfoW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
InitializeCriticalSection
LoadLibraryA
FreeLibrary
TerminateProcess
Sleep
GetTimeZoneInformation
GetDiskFreeSpaceW
GetMailslotInfo
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
GetModuleHandleA
GetFileSize
GetFileSizeEx
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetSystemTimeAsFileTime
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetFileAttributesW
LocalFree
GetVersion
CreateMutexW
GetProcAddress
GlobalHandle
GlobalFree
lstrcmpiW
LoadLibraryExW
GetStdHandle
QueryPerformanceCounter
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
TlsSetValue
TlsGetValue
GetExitCodeProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetCommandLineW
IsDebuggerPresent
ExitThread
CreateThread
RtlUnwind
GetStringTypeW
EncodePointer
DecodePointer
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
MultiByteToWideChar
FindResourceExW
FindResourceW
GetModuleFileNameW
lstrcmpW
MulDiv
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
OpenThread
GetCurrentThreadId
RaiseException
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
SetStdHandle
SetFilePointerEx
GetCurrentProcess
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
InterlockedDecrement
InterlockedIncrement
TlsAlloc
OpenProcess
TlsFree
GetStartupInfoW
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
OpenMutexW

user32

CreateDialogIndirectParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowThreadProcessId
EnumWindows
GetMonitorInfoW
MonitorFromWindow
IsDialogMessageW
MapWindowPoints
GetWindowRect
GetLastInputInfo
PostMessageW
GetKeyboardLayoutList
MapDialogRect
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetDesktopWindow
SetWindowLongW
FillRect
GetSysColor
ScreenToClient
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
ClientToScreen
SetWindowContextHelpId
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DestroyAcceleratorTable
CreateAcceleratorTableW
SetTimer
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
SendDlgItemMessageW
GetDlgItem
EndDialog
SetWindowPos
MoveWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
SendMessageW
RegisterWindowMessageW
UnregisterClassW
GetWindowLongW

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
SelectObject
CreateSolidBrush
GetObjectW

advapi32

LookupAccountSidW
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueW
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemRealloc
StringFromGUID2

oleaut32

SysStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysFreeString
VarUI4FromStr
SysAllocStringLen
OleCreateFontIndirect
SysAllocString

comctl32

InitCommonControlsEx

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

788e6315905ab16d26d6bc835a477ee4

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

rpcrt4

iphlpapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

psapi

Sections

.text Size: 778KB - Virtual size: 778KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 25KB - Virtual size: 42KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 778KB - Virtual size: 778KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 25KB - Virtual size: 42KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 2KB