Static task: static1
Behavioral task: behavioral1 (Sample: exe.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: exe.exe, Resource: win10v2004-20240709-en)
General
Target: exe.exe
Size: 27.3MB
MD5: c08caeb0acc732aa8a8e0740e8daa5ce
SHA1: 08e2cf7245dc6d69a7bf3f65053dd40edaeee4e4
SHA256: 7759df9d3ff7025a77db04989019b07fb838ee7f93da7cb5810c9f43f94ea46f
SHA512: a7f408f5447e4df8777ea1687e8e8fd8f7c8233ad67fd53798aef0d5236329d0b22facf52f1554812a72eb32a07eef1ec975fa9bd510ea02c0f1616903b04b76
SSDEEP: 786432:fmWxUTU+QOpwZS1nkZRLtghhtdZ3lAu0cZ:NIzGZakDLtghhtDlAcZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource exe.exe
Files
exe.exe.exe windows:5 windows x64 arch:x64
9c1516105ba3e087733ace17c5f36eaa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
FreeEnvironmentStringsW
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
ExitProcess
Sleep
RtlPcToFileHeader
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoW
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GetModuleHandleA
GetCurrentProcessId
GlobalGetAtomNameW
lstrcmpA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetProfileIntW
GetTickCount
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
FreeLibrary
lstrcmpW
GetVersionExA
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GlobalFree
FreeResource
GetModuleFileNameW
LoadLibraryA
lstrcpynW
MulDiv
GlobalAlloc
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetFileAttributesW
ReadFile
lstrcpyW
lstrcatW
GetTempFileNameW
CreateFileW
WriteFile
CloseHandle
FindFirstFileW
DeleteFileW
MoveFileW
FindClose
lstrlenW
WideCharToMultiByte
GlobalLock
GlobalUnlock
lstrlenA
FindResourceW
LoadResource
LockResource
SizeofResource
GetOEMCP
MultiByteToWideChar
user32
SetWindowRgn
CopyAcceleratorTableW
CreateMenu
PostThreadMessageW
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
DestroyIcon
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
WindowFromPoint
DrawIcon
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ShowWindow
MessageBoxW
EmptyClipboard
SetClipboardData
GetClipboardData
CloseClipboard
GetKeyState
OpenClipboard
SetCapture
SetTimer
IsClipboardFormatAvailable
ReleaseCapture
GetCursorPos
LoadCursorW
SetCursor
IsWindow
EnableScrollBar
KillTimer
SendMessageW
EnableWindow
GetClientRect
SetParent
GetSystemMenu
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
OffsetRect
TranslateAcceleratorW
LoadAcceleratorsW
GetDlgItem
GetSysColor
CreateCaret
GetAsyncKeyState
ShowCaret
HideCaret
SetCaretPos
UpdateWindow
UnregisterClassW
SystemParametersInfoW
GetMenuItemInfoW
GetSysColorBrush
RegisterClipboardFormatW
CharUpperW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
GetScrollInfo
PostQuitMessage
DeleteMenu
IsZoomed
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsRectEmpty
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetRect
DestroyCursor
SetCursorPos
RedrawWindow
ClientToScreen
UnpackDDElParam
LoadMenuW
DestroyMenu
GetWindowThreadProcessId
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
DeferWindowPos
CheckMenuItem
ReuseDDElParam
gdi32
AbortDoc
EndDoc
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetAbortProc
CreatePatternBrush
GetStockObject
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetViewportOrgEx
Rectangle
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
StartPage
EndPage
StartDocW
DPtoLP
SelectObject
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDCW
CopyMetaFileW
GetTextExtentPoint32W
BitBlt
GetCurrentPositionEx
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetDeviceCaps
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
GetJobW
ClosePrinter
advapi32
GetFileSecurityW
SetFileSecurityW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
RegCreateKeyW
shell32
ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragAcceptFiles
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleTranslateAccelerator
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 507KB - Virtual size: 507KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26.5MB - Virtual size: 26.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ