6310a0b4bac241180b4acd96a65a9ef0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6310a0b4bac241180b4acd96a65a9ef0N.exe
Size

1.2MB
MD5

6310a0b4bac241180b4acd96a65a9ef0
SHA1

55c527cfaef603e72c5940fc6ae7a9a836fca9da
SHA256

b0a0079dba17e2b77e5e1ebec88c63c882159b43f3b33356028e9108c652a6dd
SHA512

dd8223dd647359452ddf8db506e3fedb6420fedaaba247f79ae3a8ce48215b6b5f7fe28a310678a08d5429075dc09ac32af563f04419c89039015ab29bb63f1d
SSDEEP

24576:jYM7WkV1zGAWBRhxBxhRBRhxBxhRBRRBRhxBxhRBRhxBxhRBRruppqNxlFWwe/u8:sM7WOh0pD+kx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6310a0b4bac241180b4acd96a65a9ef0N.exe

Files

6310a0b4bac241180b4acd96a65a9ef0N.exe
.exe windows:4 windows x86 arch:x86

ba05ca69e92712d0164a7d657d27afd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetModuleHandleExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
SetLastError
GetCurrentThread
HeapAlloc
EnumSystemLocalesW
LoadLibraryExW
CompareStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetDateFormatW
GetLocaleInfoW
GetTempPathW
GetTimeFormatW
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
IsValidLocale
LCMapStringW
OutputDebugStringW
GetFileType
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsValidCodePage
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
FindClose
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
RaiseException
InitializeCriticalSection
WaitForSingleObject
CreateThread
GetTickCount
GetFileSize
DuplicateHandle
CreatePipe
CreateProcessW
SetFilePointer
SetEndOfFile
SetErrorMode
GetDiskFreeSpaceW
CompareFileTime
GetWindowsDirectoryW
GetLogicalDrives
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadLibraryW
WaitForMultipleObjects
ResetEvent
SetEvent
FindCloseChangeNotification
FindNextChangeNotification
TerminateThread
CreateEventW
FindFirstChangeNotificationW
Sleep
GetVersionExW
GetCurrentDirectoryW
GetDriveTypeW
GetFileAttributesW
CreateDirectoryW
MulDiv
GlobalFree
GlobalAlloc
DeleteFileW
CreateEventA
LoadLibraryA
ReleaseSemaphore
GetFileInformationByHandle
CreateFileA
CreateSemaphoreW
QueryPerformanceFrequency
SetThreadPriority
UnregisterWait
RegisterWaitForSingleObject
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
DecodePointer
GetFileSizeEx
GetFullPathNameW
SetCurrentDirectoryW
GetTimeZoneInformation

user32

SendMessageW
InvalidateRect
UpdateWindow
MessageBoxW
DefWindowProcW
DestroyWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetFocus
UnregisterClassW
SystemParametersInfoW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
EnableWindow
GetSystemMetrics
CreateWindowExW
SetWindowLongW
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos
SetWindowTextW
SetPropW
GetSysColor
GetPropW
RemovePropW
CallWindowProcW
RedrawWindow
ValidateRect
GetWindowRect
GetParent
MapWindowPoints
GetDC
ReleaseDC
GetSysColorBrush
SetRect
DrawTextW
GetWindow
ShowWindow
ScreenToClient
MoveWindow
GetAsyncKeyState
PostMessageW
CreateDialogParamW
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
DestroyIcon
EndDialog
LoadStringW
FillRect
GetScrollPos
GetClientRect
DrawFrameControl
PeekMessageW
SetActiveWindow
SetTimer
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetActiveWindow
RegisterClassW
AdjustWindowRectEx
GetFocus
GetKeyState
GetClassNameW
IsChild
EnumChildWindows
DefFrameProcW
GetCursorPos
TrackPopupMenu
SetMenu
DestroyMenu
RegisterWindowMessageW
GetIconInfo
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW

ole32

CoInitialize
CoTaskMemFree
RevokeDragDrop
OleUninitialize
OleInitialize

shell32

ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW

winmm

timeBeginPeriod

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree

uxtheme

SetWindowTheme

gdi32

GetStockObject
CreateFontIndirectW
DeleteObject
SelectObject
GetTextExtentPoint32W
SetTextColor
SetBkColor
CreateCompatibleBitmap
GetObjectType
CreateDCW
CreateCompatibleDC
DeleteDC
GetObjectW
CreatePen
MoveToEx
LineTo
CreateDIBSection
CreateSolidBrush
GetDeviceCaps
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateBitmap
SetPixel
GetDIBits
BitBlt

comdlg32

GetSaveFileNameW
GetOpenFileNameW

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

Sections

.code
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 928KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba05ca69e92712d0164a7d657d27afd7

Headers

File Characteristics

Imports

kernel32

user32

ole32

shell32

winmm

gdiplus

uxtheme

gdi32

comdlg32

comctl32

Sections

.code Size: 39KB - Virtual size: 39KB

.text Size: 928KB - Virtual size: 928KB

.rdata Size: 195KB - Virtual size: 195KB

.gfids Size: 512B - Virtual size: 452B

.00cfg Size: 512B - Virtual size: 8B

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 86KB - Virtual size: 85KB

.code
Size: 39KB - Virtual size: 39KB

.text
Size: 928KB - Virtual size: 928KB

.rdata
Size: 195KB - Virtual size: 195KB

.gfids
Size: 512B - Virtual size: 452B

.00cfg
Size: 512B - Virtual size: 8B

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 86KB - Virtual size: 85KB