Static task
static1
Behavioral task
behavioral1
Sample
26900bfbc08da658d06a0a8f0e65fcf0N.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
26900bfbc08da658d06a0a8f0e65fcf0N.dll
Resource
win10v2004-20240709-en
General
Target: 26900bfbc08da658d06a0a8f0e65fcf0N.exe
Size: 2.2MB
MD5: 26900bfbc08da658d06a0a8f0e65fcf0
SHA1: 99d26ea66e6eb2a7c5fa198de7a9e221fdc0c34a
SHA256: ed7fb848f88e547a0116c77ed3dd463d5b0a243430201ffeaf85f28a88cfa5f2
SHA512: c6bd89422ccb13c4be04070d7dfced7c3c4bb5d704f9f82c54cb5bbafd392df81a5768be3826b91d91e1580678d8d4ce2e8f5846266dfb1f27c39ca9a6773f86
SSDEEP: 24576:ditkv/a6NorwhegnDFg4JGgl66znqF9FvKVj7Cb38IFWMDKSyHL5Y5sgA+2jChdR:7zh44JHl66A9FvmjGr7QPy5s0fZQ3nx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 26900bfbc08da658d06a0a8f0e65fcf0N.exe
Files
26900bfbc08da658d06a0a8f0e65fcf0N.exe.dll windows:5 windows x86 arch:x86
bc933d090b631b9c499ee8beb1c683aa
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
wintrust
WintrustRemoveActionID
wininet
InternetAttemptConnect
netapi32
NetGroupDelUser
oleaut32
BSTR_UserFree
ws2_32
select
user32
IsCharAlphaW
DestroyIcon
InvalidateRgn
CharToOemW
ReuseDDElParam
ActivateKeyboardLayout
GetScrollPos
UnionRect
ole32
CoUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
winmm
midiInUnprepareHeader
advapi32
EqualSid
version
GetFileVersionInfoSizeA
gdi32
GetDIBColorTable
PatBlt
GdiComment
PolyTextOutA
rpcrt4
RpcServerUnregisterIf
kernel32
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
GetLocaleInfoW
GetSystemTimeAsFileTime
CloseHandle
HeapSize
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
InterlockedExchange
FreeLibrary
SetEnvironmentVariableA
VirtualFree
GetCommandLineA
TlsAlloc
SetConsoleCtrlHandler
GetModuleFileNameA
GetProcessHeap
FindFirstFileExA
Process32FirstW
LoadLibraryA
GetModuleFileNameW
OutputDebugStringA
GetBinaryTypeW
SetCriticalSectionSpinCount
FindCloseChangeNotification
PurgeComm
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
HeapDestroy
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
Sleep
HeapFree
ExitProcess
FatalAppExitA
SetFilePointer
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapAlloc
HeapReAlloc
HeapCreate
VirtualAlloc
shlwapi
PathFileExistsW
msvfw32
ICInfo
lz32
GetExpandedNameW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.EXP Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 888KB - Virtual size: 886KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ