3348a9f035beb2d682e6966e7ad9b9b0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3348a9f035beb2d682e6966e7ad9b9b0N.exe
Size

646KB
MD5

3348a9f035beb2d682e6966e7ad9b9b0
SHA1

1c87fb4a0ca77c625bf0dc8ec5689cf65ec0d4b3
SHA256

5d1c2f7ba3c39412faadd5ba6098ce42e3fd5eb9bbbd330e9b5a6bf811573297
SHA512

5d8f8b71e2898ba16b88f6d1fb1171858da216709e03952d355c1b7afd438b0a60b30d1a2ef5eed4756973f17b4f54fcf7226813e6bcc47989392cdbed0bcdf4
SSDEEP

12288:O8y+o+ArAsLzPstZxi7PNl0tvqP/hwfL8umfkF6yTzO8XIrM+AiDi1j8IKRLTxlJ:+8Fc8XIrM+AiDi1j8IKRLTxlyj6YMBbj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3348a9f035beb2d682e6966e7ad9b9b0N.exe

Files

3348a9f035beb2d682e6966e7ad9b9b0N.exe
.dll regsvr32 windows:6 windows x86 arch:x86

c3472eab52356b6d1b3cfcc16debe4c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjetoledb40.pdb

Imports

kernel32

GetProcAddress
LoadLibraryExA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
FreeLibrary
GetConsoleCP
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetModuleFileNameW
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
InitializeCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
WriteFile
GetStdHandle
GetProcessHeap
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
HeapSize
GetModuleHandleExW
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
RaiseException
DecodePointer
EncodePointer
CloseHandle

user32

GetSystemMetrics
GetDlgItem
EndDialog
SetWindowTextA
MoveWindow
SendMessageA
GetWindowTextA
SetWindowTextW
GetParent
GetDesktopWindow
SetWindowLongA
GetWindowLongA
GetWindowRect
GetWindowTextW
DialogBoxParamA

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCloseKey

ole32

CoCreateGuid
CoCreateInstance
CoGetMalloc

msjet40

ord193
ord912
ord187
ord188
ord139
ord119
ord106
ord127
ord113
ord102
ord160
ord122
ord171
ord131
ord175
ord141
ord145
ord165
ord161
ord121
ord910
ord911
ord115
ord321
ord104
ord109
ord120
ord316
ord152
ord114
ord134
ord174
ord309
ord318
ord151
ord132
ord170
ord155
ord173
ord128
ord142
ord137
ord101
ord118
ord112
ord153
ord185
ord162
ord147
ord103
ord178
ord154
ord191
ord107
ord136
ord169
ord130
ord176
ord311
ord803
ord802
ord804
ord801
ord133
ord146
ord312
ord304
ord310
ord317
ord315
ord302
ord158
ord126
ord138
ord56
ord906
ord908
ord156
ord159
ord172
ord167
ord179
ord108
ord163
ord124
ord116
ord184
ord907
ord909
ord196
ord140
ord148
ord195
ord110
ord319
ord144
ord157
ord123

oleaut32

SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantCopy
VariantInit
GetErrorInfo
SysStringByteLen
SetErrorInfo

msjter40

ord5
ord3
ord2
ord4

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3472eab52356b6d1b3cfcc16debe4c2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

msjet40

oleaut32

msjter40

Exports

Exports

Sections

.text Size: 303KB - Virtual size: 303KB

.rdata Size: 155KB - Virtual size: 155KB

.data Size: 24KB - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 159KB - Virtual size: 159KB

.text
Size: 303KB - Virtual size: 303KB

.rdata
Size: 155KB - Virtual size: 155KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 159KB - Virtual size: 159KB