57d13dd62a31322bce79a6d3e87ce6a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

57d13dd62a31322bce79a6d3e87ce6a0N.exe
Size

1.8MB
MD5

57d13dd62a31322bce79a6d3e87ce6a0
SHA1

f1caa5ae5f61965570dfcbe434e10ebc58abc4cb
SHA256

9e99fc59c043a42b4ca2e7983711a21c01ce82048957bdf5f56171c267310e30
SHA512

083a1525395576c34eae7f407233b4766c4a02cc531160b1334b8958c468ab882874009739ad3b89a54897c44a9e9c7c3ec20d8330c9e0e30a49eab6545c957f
SSDEEP

49152:c73RsVqVwbpPZMLzHzWFwVw4Ql5xtrphlJM+kPS:4MqVwgfTWKVw4ONhlz8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57d13dd62a31322bce79a6d3e87ce6a0N.exe

Files

57d13dd62a31322bce79a6d3e87ce6a0N.exe
.exe windows:4 windows x86 arch:x86

5702d94ccb6b0657a8d96212a40c5cbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LocalLock
GlobalLock
GlobalUnlock
LocalAlloc
WinExec
LocalFree
LocalUnlock
GetCommandLineA
lstrcpyA
lstrcatA
GetLastError
lstrlenA
CreateMutexA
SetEvent
ReleaseMutex
GetVersion
GlobalAlloc
Sleep
CreateEventA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
SetThreadPriority
CloseHandle
ResumeThread
GetTickCount
SuspendThread
WaitForSingleObject

user32

SetFocus
CreateDialogParamA
ReleaseDC
EnableWindow
GetDlgItem
DefWindowProcA
PostMessageA
GetClientRect
ClientToScreen
SendDlgItemMessageA
SetDlgItemTextA
ChangeMenuA
GetSystemMenu
CreateWindowExA
PostQuitMessage
DestroyWindow
ShowWindow
EndPaint
InvalidateRect
GetDC
GetDesktopWindow
FillRect
BeginPaint
MessageBeep
SetCursor
MessageBoxA
DialogBoxParamA
SetForegroundWindow
ReleaseCapture
SetCapture
FindWindowA
SendMessageA
LoadIconA
RegisterClassA
LoadStringA
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
UnregisterClassA
EndDialog
wsprintfA
GetWindowTextA
SetWindowTextA
GetDlgItemTextA
ScreenToClient
MoveWindow
SetWindowPos
GetWindowRect

gdi32

SelectPalette
CreatePalette
StretchDIBits
RealizePalette
SetDIBits
DeleteObject
SelectObject
CreateSolidBrush
CreateCompatibleBitmap
SetBrushOrgEx
UnrealizeObject
GetDeviceCaps
SetTextColor
SetBkColor
GetStockObject
BitBlt
GetObjectA
DeleteDC
CreateFontA
CreateCompatibleDC

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutOpen
waveOutReset
waveOutRestart
waveOutGetPosition
waveOutGetNumDevs
waveOutWrite
waveOutPause
waveOutClose

msvfw32

DrawDibClose
DrawDibBegin
DrawDibOpen
DrawDibEnd
DrawDibDraw

shell32

DragAcceptFiles
DragQueryPoint
ShellExecuteA
DragQueryFileA
DragFinish

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

msvcrt20

floor
memmove
_adjust_fdiv
__getmainargs
_initterm
__p__acmdln
exit
_XcptFilter
_exit
strstr
_isctype
__mb_cur_max
_pctype
memchr
strncpy
realloc
_ftol
_open
_lseek
_read
strncmp
_close
malloc
free
_endthreadex
_beginthreadex
__p__commode
_except_handler3
__p__fmode
_controlfp

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 533KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5702d94ccb6b0657a8d96212a40c5cbe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

msvfw32

shell32

advapi32

msvcrt20

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 533KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 533KB

.rsrc
Size: 20KB - Virtual size: 17KB