38ae8f0e7f893dd75311068e53db2c00N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

38ae8f0e7f893dd75311068e53db2c00N.exe
Size

165KB
MD5

38ae8f0e7f893dd75311068e53db2c00
SHA1

39965a5c9378218e6110aa0a22b3fcbb7a853400
SHA256

31b28cd60f5a53c5d444554881ae1c89188d99d64c5b60c2a7e6388b11aa107c
SHA512

be640bdbd276d010c972217517af3a328713470f65e44b271bccbfbdf38950910da751ed7f9cb65a336f06dd39f1f321995d4afb83a9b49ab0bdf062e65743ab
SSDEEP

3072:aji8knBssTrLSwRN22cdfaWshin2IRweutWg1sG5ksXltt6En0jtm:61mBssrN1KOog1sG5ksVtm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38ae8f0e7f893dd75311068e53db2c00N.exe

Files

38ae8f0e7f893dd75311068e53db2c00N.exe
.exe windows:6 windows x86 arch:x86

6abcdb8f6e07d02698513d316dd3fd25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMenu
IsCharLowerA

comdlg32

PrintDlgW
PageSetupDlgW
PrintDlgExW
ReplaceTextW
ChooseColorW
CommDlgExtendedError
FindTextW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleW
GetOpenFileNameW
ChooseFontW

comctl32

ImageList_ReplaceIcon
ImageList_Remove
DestroyPropertySheetPage
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_Read
CreateStatusWindowW
ImageList_SetIconSize
ImageList_LoadImageW
ImageList_GetIcon
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
PropertySheetA
CreateToolbarEx
PropertySheetW
ImageList_Write

kernel32

GetShortPathNameW
GetNumberFormatW
GetThreadLocale
GetFileInformationByHandle
IsBadReadPtr
EnumResourceTypesA
GetFileAttributesW
lstrcpyA
SetCommTimeouts
ResumeThread
PulseEvent
SetThreadExecutionState
CreateWaitableTimerW
GlobalMemoryStatus
CancelIo
RtlUnwind
WaitForSingleObjectEx
FindResourceW
GetThreadPriority
RemoveDirectoryA
GetVersion
lstrcmpW
EnumResourceNamesA
FileTimeToLocalFileTime
MoveFileExW
ClearCommBreak
GlobalAddAtomA
QueryPerformanceCounter
UnlockFile
GetCurrentDirectoryW
IsDBCSLeadByteEx
SetFileTime
LockResource
GetFileTime
SetThreadContext
CreateDirectoryA
GlobalCompact
lstrcatA
CreateFileMappingW
EnumSystemLocalesA
IsDBCSLeadByte
ReadFile
GetCommandLineA
GetPriorityClass
AreFileApisANSI
CancelWaitableTimer
GetExitCodeThread
GetSystemTime
GetTempFileNameW
GetModuleHandleA
EnterCriticalSection
GetDateFormatA
LocalReAlloc
InitializeCriticalSection
EnumResourceLanguagesA
CreateEventA
GetComputerNameW
GetSystemTimeAdjustment
OpenEventA
FindFirstChangeNotificationW
FlushFileBuffers
DeleteFileW
RegisterWaitForSingleObject
HeapWalk
SetNamedPipeHandleState
TransactNamedPipe
TlsSetValue
GetTimeFormatW
CompareStringA
LCMapStringA
GetTimeFormatA
GetSystemTimeAsFileTime
DeleteAtom
HeapReAlloc
VerSetConditionMask
SetLocalTime
GetStringTypeExW
LocalLock
SetFileApisToOEM
GetCommConfig
HeapCreate
ConvertDefaultLocale
GetComputerNameA
WaitForSingleObject
SetUnhandledExceptionFilter
GetAtomNameW
DeleteCriticalSection
HeapValidate
IsBadStringPtrW
GlobalDeleteAtom
RaiseException
LoadResource
GetTimeZoneInformation
GlobalAddAtomW
SetHandleCount
CreateNamedPipeA
VirtualProtect
VirtualFree
GetComputerNameExW
GetCommandLineW
MoveFileW
CreateDirectoryW
GetTempFileNameA
GetShortPathNameA
lstrcmpiW
OpenFile
AddAtomA
GetProcAddress
CreateSemaphoreA
QueryDosDeviceW
SetCurrentDirectoryA
GetLocaleInfoA
DisconnectNamedPipe
CreateMailslotW
GetSystemDefaultUILanguage
GlobalGetAtomNameW
SetWaitableTimer
GetLastError
OpenFileMappingW
GetCommState
FileTimeToSystemTime
lstrcpyW
LockFile
GetWindowsDirectoryW
GetThreadTimes
Sleep
GetStdHandle
GetCommProperties
GetNumberFormatA
OpenSemaphoreW
GlobalFindAtomW
FreeResource
DuplicateHandle
lstrcpynW
SetSystemTime
SetFileAttributesW
HeapAlloc
LCMapStringW
VirtualQuery
GetCurrentThread
SearchPathW

Exports

Exports

?BightDialog@@YGEUtext@@@Z
?Contst1@@YGEUtext@@@Z
?Contst2@@YGEUtext@@@Z
?FiveTialog@@YGEUtext@@@Z

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.serv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icom
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lain
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cst
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lone
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.veri
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.clone
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.clon1
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.clon2
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6abcdb8f6e07d02698513d316dd3fd25

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.serv Size: 1KB - Virtual size: 1KB

.icom Size: 512B - Virtual size: 28B

.lain Size: 512B - Virtual size: 64B

.cst Size: 512B - Virtual size: 64B

.data Size: 11KB - Virtual size: 10KB

.lone Size: 19KB - Virtual size: 19KB

.veri Size: 18KB - Virtual size: 17KB

.clone Size: 18KB - Virtual size: 17KB

.clon1 Size: 9KB - Virtual size: 8KB

.clon2 Size: 15KB - Virtual size: 14KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 48KB

.serv
Size: 1KB - Virtual size: 1KB

.icom
Size: 512B - Virtual size: 28B

.lain
Size: 512B - Virtual size: 64B

.cst
Size: 512B - Virtual size: 64B

.data
Size: 11KB - Virtual size: 10KB

.lone
Size: 19KB - Virtual size: 19KB

.veri
Size: 18KB - Virtual size: 17KB

.clone
Size: 18KB - Virtual size: 17KB

.clon1
Size: 9KB - Virtual size: 8KB

.clon2
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB