29f466c4514d7c5a53a525b4899f98d0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

29f466c4514d7c5a53a525b4899f98d0N.exe
Size

280KB
MD5

29f466c4514d7c5a53a525b4899f98d0
SHA1

394f293602aae738d9523889ff6a22509e56da22
SHA256

599ad86021b050783d3466477df51e0877171c8679bb7d8c4e660237e49a0eed
SHA512

7ff2f055d0b5401039f523b78c0a7771c783e148860556e0afa2a60d2d51fcd42432a0b9b96edf58498dbe6816096d3950f92013a73fcf69d6cf6fa9425078b3
SSDEEP

6144:PDO1qL/0quZViE9BNhQh7ZqngeYMSlamVkfa:PD/L/i59B498nl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f466c4514d7c5a53a525b4899f98d0N.exe

Files

29f466c4514d7c5a53a525b4899f98d0N.exe
.exe windows:4 windows x86 arch:x86

df26567b8b5fa8dc2d847b0829ac8a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\yjmepzlsyv\sfererog\rjvixeto.PDB

Imports

comctl32

DestroyPropertySheetPage
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize
InitCommonControlsEx
ord17
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Draw
ImageList_DrawEx
CreatePropertySheetPageW

winspool.drv

GetPrinterA
ClosePrinter
DocumentPropertiesA
EnumPrintersA
ord204
OpenPrinterA

gdi32

ExcludeClipRect
PatBlt
CreateHatchBrush
LineTo
SetViewportExtEx
OffsetRgn
GetTextColor
GetCharABCWidthsA
CreateCompatibleBitmap
GetTextExtentPointA
OffsetClipRgn
MaskBlt
FrameRgn
GetDeviceCaps
GetCurrentPositionEx
GetWindowOrgEx
ExtSelectClipRgn
GetTextExtentPoint32A
SelectClipPath
StrokeAndFillPath
SetStretchBltMode
SetTextAlign

user32

DrawFrameControl
EnumWindows
WaitMessage
TranslateMessage
DestroyMenu
SetCapture
DestroyWindow
GetTopWindow
EnableScrollBar
DestroyAcceleratorTable
GetDlgCtrlID
RegisterClassW
RegisterClassExW
EnableWindow
IsWindow
PostMessageW
GetMenuItemID
LoadCursorA
IsZoomed
EnumChildWindows
TrackPopupMenu
SetCursor
GetWindow
GetWindowDC
MessageBoxW
CreateWindowExW
DestroyIcon
EndDeferWindowPos
ReleaseDC
ShowWindow
BeginDeferWindowPos
DefWindowProcW

comdlg32

GetFileTitleA
GetOpenFileNameA

advapi32

InitializeSecurityDescriptor
RegisterEventSourceA
OpenThreadToken
OpenSCManagerA
RegQueryValueExA
StartServiceCtrlDispatcherA
ReportEventA

shell32

DragQueryFileW
SHGetFileInfoW

kernel32

SetUnhandledExceptionFilter
QueryPerformanceCounter
CreateMutexW
GetProcAddress
RtlUnwind
HeapReAlloc
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThread
GetStdHandle
TlsAlloc
HeapAlloc
MultiByteToWideChar
LoadLibraryA
GetTimeZoneInformation
InterlockedDecrement
GetLastError
GetStringTypeA
LCMapStringW
FatalAppExitA
GetModuleFileNameW
InterlockedExchange
GetSystemTime
HeapCreate
GetFileType
GetStringTypeW
IsBadCodePtr
GetVersion
VirtualAlloc
FreeEnvironmentStringsW
IsBadWritePtr
HeapDestroy
TlsSetValue
SetEnvironmentVariableA
GetCurrentThreadId
CloseHandle
GetSystemTimeAsFileTime
LeaveCriticalSection
GetModuleHandleA
CompareStringA
CompareStringW
SetFilePointer
TlsFree
FreeEnvironmentStringsA
SetStdHandle
SetLastError
GetTickCount
InitializeCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
GetStartupInfoW
WriteFile
GetModuleHandleW
VirtualFree
GetStartupInfoA
GetModuleFileNameA
GetCommandLineA
LCMapStringA
RaiseException
VirtualQuery
TerminateProcess
HeapFree
GetLocalTime
EnterCriticalSection
ReadFile
InterlockedIncrement
TlsGetValue
SetHandleCount
ExitProcess
DeleteCriticalSection
GetEnvironmentStrings
FlushFileBuffers
GetEnvironmentStringsW
GetCPInfo
SetConsoleCtrlHandler
GetCommandLineW
IsBadReadPtr

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df26567b8b5fa8dc2d847b0829ac8a87

Headers

File Characteristics

PDB Paths

Imports

comctl32

winspool.drv

gdi32

user32

comdlg32

advapi32

shell32

kernel32

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 96KB - Virtual size: 93KB

.data Size: 52KB - Virtual size: 55KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 96KB - Virtual size: 93KB

.data
Size: 52KB - Virtual size: 55KB

.rsrc
Size: 68KB - Virtual size: 64KB