72b6e6db1221cb5beb2146b476f864b0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

72b6e6db1221cb5beb2146b476f864b0N.exe
Size

245KB
MD5

72b6e6db1221cb5beb2146b476f864b0
SHA1

e3e478861d55ba0a7d24a1b9938cdfc6bb82449f
SHA256

235433fc1681765d0c017c4951f2895f2d94fbb1fed6eba268389968b1fb2da1
SHA512

3bfe8597bfbf22e944bb51d61d050b6306a11373de1eb7558894fc7b938d74c40bb785c6a31252abcda833193e0a8d6f317d913991594ce328ba7c8c2cc6d48b
SSDEEP

3072:M8/obVTvm38pUQqSXhi+6Sio/wi9M4lVXRbSslG425HYCmohrihpAfsITXBJiSc9:M8qTvrpUQBhiHm/A4R3MbihpAhiJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72b6e6db1221cb5beb2146b476f864b0N.exe

Files

72b6e6db1221cb5beb2146b476f864b0N.exe
.dll windows:10 windows x86 arch:x86

ce8f2a8007cb8feb477d74baf3114913

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

olecli32.pdb

Imports

msvcrt

_XcptFilter
__dllonexit
_onexit
memmove
_vsnwprintf
memcmp
memcpy
wcsncmp
_errno
_purecall
_unlock
_lock
_except_handler4_common
_initterm
malloc
free
_amsg_exit
??3@YAXPAX@Z
memset

kernel32

VirtualQuery
SetThreadStackGuarantee
GetSystemInfo
VirtualAlloc
VirtualProtect
IsDebuggerPresent
IsWow64Process
DebugBreak
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
AcquireSRWLockShared
CreateMutexExW
HeapAlloc
CreateThreadpoolTimer
ReleaseSRWLockShared
SetThreadpoolTimer
CloseHandle
OpenSemaphoreW
WaitForSingleObjectEx
AcquireSRWLockExclusive
InitOnceComplete
GetCurrentThread
CloseThreadpoolTimer
OutputDebugStringW
ReleaseSRWLockExclusive
GetLastError
FormatMessageW
ReleaseMutex
WaitForSingleObject
WaitForThreadpoolTimerCallbacks
InitializeCriticalSectionEx
LeaveCriticalSection
GetModuleHandleExW
ReleaseSemaphore
OutputDebugStringA
SetLastError
HeapFree
CreateSemaphoreExW
InitOnceBeginInitialize
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
OpenFile
CompareStringA
GetCurrentThreadId
GetDriveTypeA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
lstrcmpiA
lstrcmpA
LocalHandle
GlobalReAlloc
LocalUnlock
GlobalFindAtomA
WinExec
LocalFree
GlobalSize
GlobalAddAtomA
GlobalDeleteAtom
LocalAlloc
LocalLock
GlobalGetAtomNameA
EnterCriticalSection
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MulDiv

advapi32

SetThreadToken
RegOpenKeyExA
EventUnregister
OpenThreadToken
OpenProcessToken
RegOpenUserClassesRoot
EventSetInformation
EventRegister
RegQueryValueExA
EventWriteTransfer
RegCloseKey

user32

IsClipboardFormatAvailable
CharUpperBuffA
PeekMessageA
IsWindow
GetClipboardFormatNameA
RegisterClipboardFormatA
FreeDDElParam
GetWindowThreadProcessId
UnregisterClassA
RegisterClassA
EnumClipboardFormats
CloseClipboard
ReleaseDC
SetClipboardData
GetClipboardData
GetDC
UnpackDDElParam
PackDDElParam
KillTimer
SendMessageA
CreateWindowExA
DefWindowProcA
GetWindowLongA
SetWindowLongA
SetTimer
PostMessageA
GetDlgItem
OpenClipboard
DestroyWindow
RemovePropA
SetPropA
IsWindowVisible
LoadStringA
EndDialog
DialogBoxParamA
GetDlgItemTextA
MessageBoxA
GetPropA
SendDlgItemMessageA
SetDlgItemTextA
EnumThreadWindows

gdi32

GetMetaFileBitsEx
SetMetaFileBitsEx
CloseMetaFile
CreateMetaFileA
CopyMetaFileA
DeleteMetaFile
EnumEnhMetaFile
SelectObject
GetWindowExtEx
CreateCompatibleDC
StretchBlt
RealizePalette
StretchDIBits
SetWindowOrgEx
GetStockObject
PlayMetaFileRecord
SetWindowExtEx
GetDIBits
PlayEnhMetaFileRecord
SetViewportExtEx
DeleteDC
SelectPalette
SetViewportOrgEx
CreatePalette
EnumMetaFile
RestoreDC
LPtoDP
SetMapMode
IntersectClipRect
SetWinMetaFileBits
SaveDC
GetBitmapDimensionEx
GetBitmapBits
SetBitmapDimensionEx
GetDeviceCaps
SetBitmapBits
DeleteObject
CreateBitmap
GetObjectA
CopyEnhMetaFileA
SetEnhMetaFileBits
GetEnhMetaFileHeader
GetWinMetaFileBits
DeleteEnhMetaFile
GetEnhMetaFileBits
GetViewportExtEx

mpr

WNetGetConnectionA
WNetAddConnectionA

ntdll

EtwTraceMessage

Exports

Exports

BmChangeData
BmClone
BmCopy
BmDraw
BmEnumFormat
BmEqual
BmGetData
BmQueryBounds
BmRelease
BmSaveToStream
CheckNetDrive
ConnectDlgProc
DefCreate
DefCreateFromClip
DefCreateFromFile
DefCreateFromTemplate
DefCreateInvisible
DefCreateLinkFromClip
DefCreateLinkFromFile
DefLoadFromStream
DibChangeData
DibClone
DibCopy
DibDraw
DibEnumFormat
DibEqual
DibGetData
DibQueryBounds
DibRelease
DibSaveToStream
DocWndProc
ErrActivate
ErrClose
ErrCopyFromLink
ErrExecute
ErrGetUpdateOptions
ErrObjectConvert
ErrObjectLong
ErrQueryOpen
ErrQueryOutOfDate
ErrQueryProtocol
ErrReconnect
ErrSetBounds
ErrSetData
ErrSetHostNames
ErrSetTargetDevice
ErrSetUpdateOptions
ErrShow
ErrUpdate
GenChangeData
GenClone
GenCopy
GenDraw
GenEnumFormat
GenEqual
GenGetData
GenQueryBounds
GenRelease
GenSaveToStream
GenSetData
GetTaskVisibleWindow
LeActivate
LeChangeData
LeClone
LeClose
LeCopy
LeCopyFromLink
LeCreateInvisible
LeDraw
LeEnumFormat
LeEqual
LeExecute
LeGetData
LeGetUpdateOptions
LeObjectConvert
LeObjectLong
LeQueryBounds
LeQueryOpen
LeQueryOutOfDate
LeQueryProtocol
LeQueryType
LeReconnect
LeRelease
LeSaveToStream
LeSetBounds
LeSetData
LeSetHostNames
LeSetTargetDevice
LeSetUpdateOptions
LeShow
LeUpdate
MfCallbackFunc
MfChangeData
MfClone
MfCopy
MfDraw
MfEnumFormat
MfEqual
MfGetData
MfQueryBounds
MfRelease
MfSaveToStream
ObjQueryName
ObjQuerySize
ObjQueryType
ObjRename
OleActivate
OleClone
OleClose
OleCopyFromLink
OleCopyToClipboard
OleCreate
OleCreateFromClip
OleCreateFromFile
OleCreateFromTemplate
OleCreateInvisible
OleCreateLinkFromClip
OleCreateLinkFromFile
OleDelete
OleDraw
OleEnumFormats
OleEnumObjects
OleEqual
OleExecute
OleGetData
OleGetLinkUpdateOptions
OleIsDcMeta
OleLoadFromStream
OleLockServer
OleObjectConvert
OleQueryBounds
OleQueryClientVersion
OleQueryCreateFromClip
OleQueryLinkFromClip
OleQueryName
OleQueryOpen
OleQueryOutOfDate
OleQueryProtocol
OleQueryReleaseError
OleQueryReleaseMethod
OleQueryReleaseStatus
OleQuerySize
OleQueryType
OleReconnect
OleRegisterClientDoc
OleRelease
OleRename
OleRenameClientDoc
OleRequestData
OleRevertClientDoc
OleRevokeClientDoc
OleSaveToStream
OleSavedClientDoc
OleSetBounds
OleSetColorScheme
OleSetData
OleSetHostNames
OleSetLinkUpdateOptions
OleSetTargetDevice
OleUnlockServer
OleUpdate
PbCopyToClipboard
PbCreate
PbCreateFromClip
PbCreateFromFile
PbCreateFromTemplate
PbCreateInvisible
PbCreateLinkFromClip
PbCreateLinkFromFile
PbDraw
PbEnumFormats
PbGetData
PbLoadFromStream
PbQueryBounds
SetNetName
SetNextNetDrive
SrvrWndProc
WEP

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce8f2a8007cb8feb477d74baf3114913

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

user32

gdi32

mpr

ntdll

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 90KB

.data Size: 1KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 145KB - Virtual size: 144KB

.text
Size: 90KB - Virtual size: 90KB

.data
Size: 1KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 145KB - Virtual size: 144KB