174b9d815cc72020b81a2def13487860N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

174b9d815cc72020b81a2def13487860N.exe
Size

2.0MB
MD5

174b9d815cc72020b81a2def13487860
SHA1

9946a39914dd5cf7d8759cae59d6ccaa1fc0d7ec
SHA256

7aea910ffb8852db75301387bbe18bae0cff9b881172d26f51239002e3d30b6c
SHA512

2a6f4f524e222fad75f9e53502e6e59f9611a93e18fbcae727a742a9eae4eaef8afc19315008742b9a0b0a680a0e3cd067806e6976ec83d26792b3820a7ac4bb
SSDEEP

49152:c16yfQ0dGPI8xPApOW25spZO8z1wmly3AEVvxffNkS1URbSx:c1nf1dGPIMYpOW25spZO8ziAy3AKbkDS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174b9d815cc72020b81a2def13487860N.exe

Files

174b9d815cc72020b81a2def13487860N.exe
.exe windows:4 windows x86 arch:x86

475daedca852c25ac735af89f4ca3217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
DrawTextA
ReleaseDC
SystemParametersInfoA
SetForegroundWindow
GetWindowLongA
SetWindowLongA
ShowWindow
SendMessageA
ChangeDisplaySettingsA
DestroyIcon
FindWindowA
SetWindowPos
LoadIconA
IsWindowVisible
GetSystemMetrics
GetKeyState
MessageBeep
FillRect
EndPaint
DialogBoxParamA
PostMessageA
EndDialog
GetDlgItem
BeginPaint
GetWindowInfo
SetRect
GetAsyncKeyState
GetKeyboardState
SetKeyboardState
DispatchMessageA
KillTimer
GetWindowPlacement
TranslateMessage
MonitorFromPoint
RegisterClassA
DefWindowProcA
GetMonitorInfoA
SetTimer
MonitorFromWindow
PeekMessageA
SetFocus
CreateWindowExA
SetWindowPlacement
LoadCursorA
UnregisterClassA
DestroyWindow
LoadImageA
GetClientRect
ScreenToClient
EnableWindow
UpdateWindow
GetFocus
InvalidateRect
GetWindowRect
SetLayeredWindowAttributes
wsprintfA
GetCursorPos
keybd_event
MessageBoxA

gdi32

AddFontResourceA
GetTextExtentPoint32A
DPtoLP
GetMapMode
GetTextAlign
GetTextMetricsA
GetTextColor
SetViewportExtEx
Rectangle
SetWindowExtEx
Ellipse
BitBlt
RealizePalette
SelectPalette
LPtoDP
StartPage
Polyline
StretchBlt
CreatePen
SetMapMode
SetBkColor
GetDIBits
SetBrushOrgEx
GetDeviceCaps
CreateFontA
DeleteDC
SetStretchBltMode
CreateCompatibleDC
SetTextColor
FloodFill
TextOutA
SelectObject
DeleteObject
StretchDIBits
SetBkMode
SetTextAlign
CreateCompatibleBitmap
LineTo
CreateSolidBrush
MoveToEx
GetStockObject
SetDCPenColor
CreateBrushIndirect
GetPixel
EndPage
StartDocA
EndDoc
CreatePalette
CreateDCA
GdiFlush
RoundRect

winspool.drv

EndPagePrinter
ord202
OpenPrinterA
ClosePrinter
WritePrinter
StartPagePrinter
EndDocPrinter
ord201
StartDocPrinterA

comdlg32

CommDlgExtendedError
PrintDlgA

advapi32

RegOpenKeyExA
CreateProcessAsUserA
IsTextUnicode
SetNamedSecurityInfoA
GetNamedSecurityInfoA
SetEntriesInAclA
BuildExplicitAccessWithNameA
LsaAddAccountRights
RegQueryValueExA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
LookupPrivilegeValueA
OpenThreadToken
LsaNtStatusToWinError
GetUserNameA
LookupAccountNameA
ImpersonateLoggedOnUser
OpenProcessToken
LsaClose
InitiateSystemShutdownExA
RegCloseKey
LsaOpenPolicy
RevertToSelf
LogonUserA

shell32

SHFileOperationA
ShellExecuteExA
SHCreateDirectoryExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocStringByteLen
SysFreeString

odbc32

ord39
ord11
ord31
ord26
ord41
ord43
ord36
ord24
ord13
ord75
ord9

comctl32

InitCommonControlsEx

msimg32

GradientFill
TransparentBlt

psapi

GetProcessMemoryInfo

kernel32

HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
ReadConsoleInputA
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetSystemDirectoryA
MoveFileA
WaitForSingleObject
LocalFileTimeToFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
CreateConsoleScreenBuffer
GetConsoleTitleA
GlobalLock
GlobalSize
GlobalUnlock
GetModuleFileNameA
FileTimeToSystemTime
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetFileType
InitializeCriticalSection
GetConsoleCP
FlushFileBuffers
RtlUnwind
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
GetExitCodeProcess
CreateFileW
CompareStringA
GlobalFree
GlobalAlloc
SetPriorityClass
SetConsoleActiveScreenBuffer
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetTempFileNameA
CopyFileA
CreateThread
CreateDirectoryA
DeleteFileA
SetFileAttributesW
MoveFileExA
CloseHandle
GetFileAttributesW
GetFileTime
CopyFileW
TerminateThread
WideCharToMultiByte
GetExitCodeThread
WriteFile
FormatMessageA
LocalFree
CompareStringW
ReadConsoleOutputAttribute
GetCurrentThreadId
SystemTimeToTzSpecificLocalTime
LocalAlloc
LocalLock
LocalUnlock
ReadFile
FindFirstFileA
GetLastError
FindClose
GetFullPathNameA
FindNextFileA
CreateFileA
GetFileSize
SetFilePointer
GetSystemTime
SystemTimeToFileTime
CompareFileTime
SetFileTime
Sleep
GetEnvironmentVariableA
GetLocalTime
ReadConsoleOutputA
Beep
GetTempPathA
SetConsoleTitleA
SetConsoleOutputCP
GetVersionExA
OpenProcess
GetCurrentProcess
GetLargestConsoleWindowSize
FillConsoleOutputCharacterA
SetEndOfFile
Process32First
SetConsoleWindowInfo
SetCurrentDirectoryA
GetCurrentProcessId
SetProcessAffinityMask
GetStdHandle
SetConsoleScreenBufferSize
GetSystemInfo
SetEnvironmentVariableA
GetConsoleWindow
FlushConsoleInputBuffer
WriteConsoleOutputA
SetLastError
GetFileAttributesA
SetConsoleCursorInfo
GlobalMemoryStatus
ReadConsoleOutputCharacterA
GetProcAddress
SetConsoleMode
GetModuleHandleA
GetTickCount
SetConsoleCursorPosition
GetCurrentThread
CreateProcessA
GetProcessAffinityMask
TerminateProcess
SetFileAttributesA
FillConsoleOutputAttribute
AllocConsole
GetCurrentDirectoryA
LoadLibraryA
CreateToolhelp32Snapshot
WriteConsoleOutputCharacterA
GetConsoleCursorInfo
WriteConsoleA
FreeLibrary
WriteConsoleOutputAttribute
Process32Next
GetCommandLineA
ScrollConsoleScreenBufferA
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
MultiByteToWideChar
ReadConsoleA
SetThreadPriority
SetConsoleCtrlHandler
GetDiskFreeSpaceExA
LoadLibraryExA
SetErrorMode
GetTimeZoneInformation

winmm

waveOutUnprepareHeader
waveOutSetVolume
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
waveOutReset
waveOutWrite
mixerSetControlDetails
mixerOpen
waveOutClose
waveOutGetErrorTextA
waveOutPrepareHeader
waveOutOpen
timeBeginPeriod
timeGetTime
PlaySoundA

wsock32

recv
gethostbyaddr
gethostbyname
setsockopt
ntohs
gethostname
inet_ntoa
send
closesocket
socket
connect
WSACleanup
htons
WSAGetLastError
getservbyname
WSAStartup

urlmon

URLDownloadToFileA

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCancelConnection2A
WNetCloseEnum
WNetGetUserA
WNetAddConnection2A

wininet

FtpOpenFileA
InternetOpenA
FtpFindFirstFileA
InternetConnectA
InternetCloseHandle
FtpRenameFileA
FtpGetFileSize
FtpPutFileA
InternetFindNextFileA
DeleteUrlCacheEntry
InternetGetLastResponseInfoA
InternetReadFile
FtpGetFileA

sensapi

IsNetworkAlive

iphlpapi

DeleteIpForwardEntry
GetIpForwardTable
GetBestInterface
CreateIpForwardEntry
GetAdaptersInfo

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 671KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

475daedca852c25ac735af89f4ca3217

Headers

File Characteristics

Imports

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

comctl32

msimg32

psapi

kernel32

winmm

wsock32

urlmon

mpr

wininet

sensapi

iphlpapi

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 671KB - Virtual size: 670KB

.data Size: 67KB - Virtual size: 1.1MB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 671KB - Virtual size: 670KB

.data
Size: 67KB - Virtual size: 1.1MB

.rsrc
Size: 16KB - Virtual size: 16KB