PDB path: e:\nuterm32\Debug\Winterm.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 8be4368fd77f3fe8cb5637f0e54fe8f0N.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 8be4368fd77f3fe8cb5637f0e54fe8f0N.exe
  Resource: win10v2004-20240709-en
General
Target: 8be4368fd77f3fe8cb5637f0e54fe8f0N.exe
Size: 1.8MB
MD5: 8be4368fd77f3fe8cb5637f0e54fe8f0
SHA1: de790823dd165547c44db4f66795a35cbf69f7e8
SHA256: d7158b61ede294144380f315dd51cb78627755b7931fe05e508dd4ceeb6b4a6a
SHA512: c4b507c4507a2d82221f8e22669bb077f5f8ccb134b687311c8de85757bc60cfee5ce3c297a40e204877a3af5e45b391a369ff1c6364057681f7d957aed477cb
SSDEEP: 24576:SCV/dLs3rwRuPpEuQXnByI5Ez16thvNBsBzdTa655FHCZ1YO0BZesCiM:SC4wRuPpEuQXnByIs16VO/MZ2Z
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 8be4368fd77f3fe8cb5637f0e54fe8f0N.exe
Files
8be4368fd77f3fe8cb5637f0e54fe8f0N.exe.exe  windows:5 windows x86 arch:x86
9c5e4a15fd106138e3ad4910810294c5
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
vic32
ord75
ord159
ord157
ord72
ord158
ord67
ord163
ord51
ord64
ord178
ord179
ord181
ord55
ord110
ord54
ord108
ord120
ord122
ord47
ord7
ord49
ord38
ord46
ord36
ord162
ord79
ord182
ord82
ord81
ord193
ord76
ord77
ord3
ord220
ord156
kernel32
SetEnvironmentVariableA
CompareStringW
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetTimeZoneInformation
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
OpenEventA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
GetProcessHeap
HeapAlloc
GetConsoleMode
GetConsoleCP
SetStdHandle
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetHandleCount
IsValidCodePage
GetACP
LCMapStringW
LCMapStringA
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitThread
CreateThread
ExitProcess
Sleep
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
IsBadReadPtr
HeapValidate
GetFileType
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
GetLocalTime
RtlUnwind
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
FindResourceExA
GetShortPathNameA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetCurrentDirectoryA
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
GetProfileIntA
VirtualProtect
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameW
GetModuleHandleW
GetAtomNameA
SetErrorMode
InterlockedIncrement
InterlockedDecrement
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetCurrentProcessId
GetModuleFileNameA
CompareStringA
LoadLibraryA
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetVersionExA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetLastError
SetLastError
MultiByteToWideChar
MulDiv
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
lstrcpyA
lstrlenA
lstrcatA
lstrcmpiA
OpenFile
GlobalFree
user32
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
GetCursorPos
GetMessageA
TranslateMessage
GetWindowThreadProcessId
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
WinHelpA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DestroyWindow
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
CheckMenuRadioItem
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
TabbedTextOutA
OpenIcon
CloseWindow
LoadIconA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowLongA
MapDialogRect
EnableWindow
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
PostMessageA
SendMessageA
IsWindow
RemoveMenu
IsMenu
CreateDialogIndirectParamA
EndDialog
SetRectEmpty
GetAsyncKeyState
GetClipboardFormatNameA
CharUpperA
DestroyIcon
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
UnregisterClassA
SetWindowLongA
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
PostQuitMessage
wsprintfA
MessageBoxA
LoadCursorA
SetCursor
MessageBeep
IsRectEmpty
PtInRect
SetRect
InflateRect
UnionRect
SubtractRect
DispatchMessageW
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
SetScrollInfo
gdi32
SelectObject
GetDeviceCaps
Escape
TextOutA
DeleteObject
DeleteDC
CreateSolidBrush
StartDocA
CopyMetaFileA
CreateDCA
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateICA
CreateCompatibleDC
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
GetPaletteEntries
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
CreateFontIndirectA
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
EndPage
SetAbortProc
AbortDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
StretchDIBits
EnumFontFamiliesExA
EndDoc
GetTextCharacterExtra
StartPage
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
ExtCreatePen
SetPaletteEntries
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
GetStockObject
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
comdlg32
PrintDlgA
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
OpenThreadToken
RevertToSelf
SetThreadToken
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
SetFileSecurityA
GetFileSecurityA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
PathStripToRootA
ole32
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
StringFromCLSID
CoTreatAsClass
CoTaskMemAlloc
ReleaseStgMedium
CoDisconnectObject
StringFromGUID2
CoCreateInstance
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleRun
CoRegisterClassObject
CoRevokeClassObject
CoReleaseMarshalData
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
oleaut32
VariantClear
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysFreeString
SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
SysAllocString
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
SysStringByteLen
ws2_32
getpeername
send
recv
accept
connect
listen
sendto
recvfrom
WSAStartup
WSAGetLastError
WSACleanup
WSAAsyncSelect
bind
htonl
closesocket
getservbyname
htons
socket
gethostbyname
inet_addr
Sections
.text   Size: 1.5MB  - Virtual size: 1.5MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 252KB  - Virtual size: 252KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 16KB   - Virtual size: 57KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata  Size: 22KB   - Virtual size: 21KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.didat  Size: 1024B  - Virtual size: 793B   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 56KB   - Virtual size: 55KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ