Static task
static1
Behavioral task
behavioral1
Sample: aac7c12ecc82df2bf58409d61f3d01a0N.exe
Resource: win7-20240704-en
General
Target: aac7c12ecc82df2bf58409d61f3d01a0N.exe
Size: 936KB
MD5: aac7c12ecc82df2bf58409d61f3d01a0
SHA1: f32e53a26c9fe2a83fc480392b4d1b202d1a7c09
SHA256: de0c3eef3103a970e5e6499a8496e05015b71bc97f664c67e829c2e2b4d5bd62
SHA512: 2580b3f6f8487d1f3e5dcdd8d1e4ca55c4d323b2ca30e8ec07868afe69756e03afb876719a87414bb01e79d5b508b1fde46c731e72f2f1f6a1fe716096d0c323
SSDEEP: 12288:WfpbtmgdCTn9FXfLHFNr3FkkKY/gSJTU:Wfpbtmgd+9FfjHxRKrSJTU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aac7c12ecc82df2bf58409d61f3d01a0N.exe
Files
aac7c12ecc82df2bf58409d61f3d01a0N.exe.exe windows:4 windows x86 arch:x86
e2a58d644c391ca7b100b5bd729a1687
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PostMessageA
SendMessageA
SetWindowLongA
CallWindowProcA
SetCapture
ReleaseCapture
WindowFromPoint
GetCursorPos
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
MessageBoxA
wininet
InternetConnectA
InternetOpenA
InternetGetCookieExA
InternetCloseHandle
InternetSetCookieA
HttpQueryInfoA
HttpOpenRequestA
InternetSetOptionA
InternetGetCookieA
InternetReadFile
HttpSendRequestA
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
FlushFileBuffers
SetStdHandle
LCMapStringW
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
WriteFile
RtlUnwind
LocalAlloc
VerLanguageNameW
LocalFree
MultiByteToWideChar
GetCurrentProcess
OpenProcess
GetProcessIoCounters
CloseHandle
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
LCMapStringA
WideCharToMultiByte
GetUserDefaultLCID
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetVersion
GetCommandLineA
GetStartupInfoA
SetLastError
ole32
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize
oleaut32
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SysFreeString
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
SafeArrayGetUBound
Sections
.text Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 148KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 672KB - Virtual size: 672KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE