2c459d9fa6e56441cb76921e7b582b60N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2c459d9fa6e56441cb76921e7b582b60N.exe
Size

1.4MB
MD5

2c459d9fa6e56441cb76921e7b582b60
SHA1

5d4f315f11b065311d5eb73be29bbfbec1da0b6e
SHA256

7ed6ec1a94f34b5c3b1c7dea3db42fcc451c1e1f0010c874ffd67c6930c9a981
SHA512

f506ea33b99b9d28353f75d0fc2b753fb6e568c9aef3993afd128fd35fc40bb35c75965f04265a23c96e11b809103b9b2d121519f6f682d3f43cb165c2239109
SSDEEP

24576:zNivgoVgWk65WgeigxziFKEgtZVmnz8n4NcOZOk/qz6vON:IoyUiEEUcz84lSz6vY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c459d9fa6e56441cb76921e7b582b60N.exe

Files

2c459d9fa6e56441cb76921e7b582b60N.exe
.dll regsvr32 windows:6 windows x86 arch:x86

c2530a802a8bc7adaf9fdc967beb5fba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjet40.pdb

Imports

mswstr10

ord2
ord4
ord1

advapi32

GetUserNameA
OpenThreadToken
SetThreadToken
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
EventWriteTransfer
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetEnvironmentVariableA
ReadConsoleW
SetStdHandle
DisableThreadLibraryCalls
CreateFileA
DeleteFileA
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLocalTime
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetModuleFileNameW
GetProcAddress
GetTempPathA
GetUserDefaultLCID
FindClose
FindFirstFileA
Sleep
LoadLibraryExA
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
GetFileSize
GetFileType
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ResumeThread
GetSystemInfo
GlobalMemoryStatus
GetComputerNameA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
WideCharToMultiByte
GetNumberFormatA
GetCurrencyFormatA
CreateFileW
DeleteFileW
FindFirstFileW
SetFilePointerEx
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
SetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GetShortPathNameA
GetTempFileNameA
GetComputerNameW
GetLocaleInfoW
IsDBCSLeadByte
GetCurrentThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
HeapReAlloc
EncodePointer
DecodePointer
RtlUnwind
GetStdHandle
GetModuleHandleExW
WriteConsoleW
RaiseException
ExitThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
AreFileApisANSI
GetTimeZoneInformation
HeapSize
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen

user32

CharUpperW
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2530a802a8bc7adaf9fdc967beb5fba

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mswstr10

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 29KB - Virtual size: 304KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 175KB - Virtual size: 175KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 29KB - Virtual size: 304KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 175KB - Virtual size: 175KB