5057cc2e309194aa41cd227cd4b07e10N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5057cc2e309194aa41cd227cd4b07e10N.exe
Size

1.3MB
MD5

5057cc2e309194aa41cd227cd4b07e10
SHA1

3b62ec759a8a2c2ae4652e1e4ff4d30c51400dd8
SHA256

2fe38b06d6c3be262a06b26c4b9dd7774a5cc90f362b8370c543fd402531e3fd
SHA512

2ad696cf8c4b3b6df32b80591b566e94a81302da2232b88efa355c8ca72ef13cc4b3eac9f950fe42a0d59c0561c524af281dc653a02c40b9d1b34c7665d80137
SSDEEP

12288:uzeNuRkL9PoA9u2G346gYXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3WN:EkuKJontsqjnhMgeiCl7G0nehbGZpbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5057cc2e309194aa41cd227cd4b07e10N.exe

Files

5057cc2e309194aa41cd227cd4b07e10N.exe
.exe windows:4 windows x86 arch:x86

bc8221a0c44b76b0f235068c59bcc8b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\xdocs\x86\ship\0\regform.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

cabinet

ord11
ord23
ord14
ord13
ord20
ord22
ord10

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetTempPathA
CloseHandle
GetFileAttributesW
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetLastError
FindClose
FindFirstFileW
lstrlenW
RaiseException
GetUserDefaultLCID
GetFullPathNameW
DeleteFileW
GetTempFileNameW
GetTempPathW
FormatMessageW
WaitForSingleObject
CreateProcessW
SetUnhandledExceptionFilter
SizeofResource
LockResource
LoadResource
FindResourceW
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
CreateDirectoryW
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FindResourceExW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetTempFileNameA
CreateProcessA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualProtect
LocalAlloc
LoadLibraryA
FormatMessageA
LocalFree
GetSystemDirectoryW
GetProcAddress
IsDebuggerPresent
WriteFile
LoadLibraryW

user32

CharLowerBuffW
CharUpperBuffW
CharNextW
UnregisterClassA
MessageBoxA

oleaut32

VarBstrCat
VarBstrCmp

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoCreateInstance

msvcr80

_lseek
memcpy
_wsopen_s
_wremove
malloc
free
wcsrchr
wcsstr
wcschr
memcpy_s
wcstol
towupper
towlower
wcsncmp
memset
_vsnwprintf
_recalloc
wprintf
wcsncpy_s
memmove_s
vswprintf_s
wcscpy_s
vsprintf_s
fclose
fwprintf_s
fopen_s
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
__winitenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_crt_debugger_hook
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_write
_read
_errno
_close

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 653KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc8221a0c44b76b0f235068c59bcc8b6

Headers

File Characteristics

PDB Paths

Imports

advapi32

version

cabinet

rpcrt4

kernel32

user32

oleaut32

ole32

msvcr80

Sections

.text Size: 62KB - Virtual size: 61KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 653KB - Virtual size: 653KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 62KB - Virtual size: 61KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 653KB - Virtual size: 653KB

.reloc
Size: 568KB - Virtual size: 572KB