3a560766e76aa9ebed24ff7b4a03aee0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3a560766e76aa9ebed24ff7b4a03aee0N.exe
Size

4.5MB
MD5

3a560766e76aa9ebed24ff7b4a03aee0
SHA1

36fd780b5b4a4ca402f158621c9dcd8adcb9e6a0
SHA256

fdf75d100567fc0e6907e2127b0723a9651036d3fb6a303410c5cc905458f951
SHA512

6b7aed7e3a1572bb4e00d917358d66df9f3533ccbdcd139888abb68e5850770073442ecd3d164728a1732c0d2147e91dbb3086205c1e97e093de915cf0311839
SSDEEP

98304:2PEbUasctpyCk6gBfvmF/dOpsnKeFEPPccmEv1YZVjFO:9XRtpPgfv2wpsnKeFEXiEv1YX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a560766e76aa9ebed24ff7b4a03aee0N.exe

Files

3a560766e76aa9ebed24ff7b4a03aee0N.exe
.exe windows:4 windows x86 arch:x86

251ee81be0102e33c695673d8d7fbe0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
HeapCreate
CreateMutexW
GetLastError
HeapDestroy
ExitProcess
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetModuleHandleExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
SetLastError
GetCurrentThread
HeapAlloc
EnumSystemLocalesW
LoadLibraryExW
CompareStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetDateFormatW
GetLocaleInfoW
GetTempPathW
GetTimeFormatW
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
IsValidLocale
LCMapStringW
OutputDebugStringW
GetFileType
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsValidCodePage
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
FindClose
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
RaiseException
InitializeCriticalSection
WaitForSingleObject
CreateThread
GetTickCount
GetFileSize
Sleep
LoadLibraryW
DuplicateHandle
CreatePipe
CreateProcessW
PeekNamedPipe
SetFilePointer
SetEndOfFile
DeleteFileW
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalFree
GetVersionExW
SetErrorMode
GetDiskFreeSpaceW
CompareFileTime
GetWindowsDirectoryW
GetLogicalDrives
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
WaitForMultipleObjects
ResetEvent
SetEvent
FindCloseChangeNotification
FindNextChangeNotification
TerminateThread
CreateEventW
FindFirstChangeNotificationW
GetCurrentDirectoryW
GetDriveTypeW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
CopyFileW
MoveFileW
QueryPerformanceFrequency
MulDiv
CreateEventA
LoadLibraryA
ReleaseSemaphore
GetFileInformationByHandle
CreateFileA
CreateSemaphoreW
SetThreadPriority
UnregisterWait
RegisterWaitForSingleObject
SystemTimeToTzSpecificLocalTime
DecodePointer
GetFullPathNameW
SetCurrentDirectoryW
GetFileSizeEx
GetTimeZoneInformation

user32

GetDC
GetWindowLongW
SetWindowLongW
SetForegroundWindow
GetAsyncKeyState
SendMessageW
InvalidateRect
UpdateWindow
DrawIcon
DestroyIcon
DrawIconEx
MessageBoxW
PostMessageW
DefWindowProcW
DestroyWindow
GetWindowTextLengthW
GetWindowTextW
SetFocus
UnregisterClassW
SystemParametersInfoW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
EnableWindow
GetSystemMetrics
CreateWindowExW
CreateAcceleratorTableW
BringWindowToTop
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos
ScreenToClient
GetParent
GetClassNameW
GetWindowRect
IntersectRect
GetPropW
RemovePropW
SetPropW
EnumChildWindows
RedrawWindow
GetClientRect
DrawFocusRect
ReleaseDC
ShowWindow
SetWindowTextW
GetWindow
CallWindowProcW
GetFocus
GetIconInfo
BeginPaint
ReleaseCapture
DrawStateW
EndPaint
SetCapture
SetScrollPos
InflateRect
GetWindowDC
GetSysColor
GetSysColorBrush
SetRect
DrawTextW
FrameRect
ValidateRect
MapWindowPoints
CreateDialogParamW
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
EndDialog
LoadStringW
EnumPropsExW
MoveWindow
FillRect
GetScrollPos
DrawFrameControl
SetActiveWindow
IsZoomed
IsIconic
SetTimer
PeekMessageW
MsgWaitForMultipleObjects
GetActiveWindow
GetMenu
AdjustWindowRectEx
RegisterClassW
GetKeyState
IsChild
DefFrameProcW
GetCursorPos
TrackPopupMenu
SetMenu
DestroyMenu
GetMenuItemInfoW
GetMenuItemCount
GetSubMenu
ModifyMenuW
SetMenuItemInfoW
AppendMenuW
CreateMenu
CreatePopupMenu
RegisterWindowMessageW
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
CopyImage
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW

gdi32

GetDeviceCaps
GetStockObject
CreateFontIndirectW
DeleteObject
GetObjectType
GetObjectW
ExcludeClipRect
SelectObject
GetTextExtentPoint32W
SetBkColor
SetTextColor
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
CreateDCW
CreatePen
MoveToEx
LineTo
CreateDIBSection
CreateSolidBrush
GetPixel
SetPixel
SetBkMode
GdiGetBatchLimit
GdiSetBatchLimit
GetDIBits
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateBitmap
CreateFontW
SetTextAlign
TextOutW
GetTextMetricsW

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
OleUninitialize
OleInitialize
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop

shell32

ExtractIconW
ExtractIconExW
ShellExecuteExW
DragQueryFileW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFolderLocation
Shell_NotifyIconW

ws2_32

closesocket
WSACleanup
WSAStartup

shlwapi

PathMatchSpecW

winmm

timeBeginPeriod

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree

uxtheme

SetWindowTheme

comdlg32

GetSaveFileNameW
GetOpenFileNameW

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

Sections

.code
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

251ee81be0102e33c695673d8d7fbe0b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shell32

ws2_32

shlwapi

winmm

gdiplus

uxtheme

comdlg32

comctl32

Sections

.code Size: 88KB - Virtual size: 87KB

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 365KB - Virtual size: 365KB

.gfids Size: 512B - Virtual size: 452B

.00cfg Size: 512B - Virtual size: 8B

.data Size: 2.4MB - Virtual size: 2.4MB

.rsrc Size: 123KB - Virtual size: 122KB

.code
Size: 88KB - Virtual size: 87KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 365KB - Virtual size: 365KB

.gfids
Size: 512B - Virtual size: 452B

.00cfg
Size: 512B - Virtual size: 8B

.data
Size: 2.4MB - Virtual size: 2.4MB

.rsrc
Size: 123KB - Virtual size: 122KB