eefc29e40165b8819429eadd3c958e90N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

eefc29e40165b8819429eadd3c958e90N.exe
Size

529KB
MD5

eefc29e40165b8819429eadd3c958e90
SHA1

8cc07312e8b064a7c9c1cbe24ab512737910d751
SHA256

035c92ee16093763a10d2bf71b1bc5eca1af2a654b13af477d3cd4c51102e459
SHA512

4c7901892c2482ef6f98944813a288138716e706938f060bcc452c3fb76641d5607ec8fe20a2f55368c37a1cb0d05c33e5d1708d2f66fdb87fbdde13c49e133c
SSDEEP

12288:8DEQwKfAOJPM3kUMj2x3YKB2ivCasPmZk:8DESf/ykUD3YKb7Zk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eefc29e40165b8819429eadd3c958e90N.exe

Files

eefc29e40165b8819429eadd3c958e90N.exe
.dll windows:6 windows x86 arch:x86

d2734b1d79f34f39b7eef590103492a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
GetModuleFileNameW
WriteFile
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
CloseHandle
GetFileType
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetConsoleCP
IsDebuggerPresent
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
GetConsoleMode
ReadFile
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
SetStdHandle
OutputDebugStringW
WriteConsoleW
ReadConsoleW
CreateFileW
SetEndOfFile
GetDiskFreeSpaceW
GetTickCount
ResumeThread
EnumResourceTypesW
LockResource
VerifyVersionInfoW
SetFilePointer
GetVersionExW
GetCommandLineA
GetWindowsDirectoryW
GetThreadPriority
RemoveDirectoryW
LoadLibraryW
GetSystemDirectoryW
VerSetConditionMask
FindFirstFileW
GetUserDefaultLCID
SwitchToThread
WritePrivateProfileStringW
CompareFileTime
SystemTimeToTzSpecificLocalTime
RtlCaptureContext
GetTempPathW
GetUserDefaultLangID
GetPrivateProfileStringW
GetFileSize
GetSystemInfo
GetExitCodeProcess
GetProcessHeap
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
GetCurrentThreadId
GetCPInfo
RaiseException
RtlUnwind

user32

DialogBoxParamA
ReleaseDC
DestroyCaret
GetWindowRect
InvalidateRect
GetDlgItemTextW
GetDlgItemTextA
GetDlgItemInt
SetWindowRgn
SendDlgItemMessageA
KillTimer
DrawTextExW
GetQueueStatus
ShowCursor
SetPropA
SetRect
UnregisterClassA
SetScrollPos
PeekMessageA
SetClassLongA
DefWindowProcA
CharLowerBuffW
RedrawWindow
AppendMenuA
ReleaseCapture
InsertMenuA
SetWindowTextA
SetScrollInfo
ValidateRect
IsIconic
GetSubMenu
LoadIconA
CreateMenu
ModifyMenuW
WaitMessage
GetKeyboardState
GetWindowTextW
SetWindowLongW
SendDlgItemMessageW
GetSysColorBrush
InsertMenuW
SetDlgItemTextW
EnableWindow
GetDlgCtrlID
PostQuitMessage
GetMenuItemCount
CheckMenuItem
RegisterClassA
GetDC
MessageBoxA
GetDesktopWindow
TranslateMDISysAccel
SetWindowsHookExA

gdi32

GetTextExtentPointA
ExtTextOutA
GetDeviceCaps
ExcludeClipRect
CreateBrushIndirect
TranslateCharsetInfo
MaskBlt
GdiFlush
GetPaletteEntries
CreatePenIndirect
GetObjectType
GetCharABCWidthsFloatA
GetStockObject
GetTextExtentPoint32A
CopyEnhMetaFileA
SetPixel
SaveDC
SetPaletteEntries
GetClipBox
SetTextAlign
IntersectClipRect
GetPixel
TextOutA
DeleteDC
SetDIBColorTable
SelectClipRgn
EndDoc
ExtCreatePen
LineTo
CreateCompatibleBitmap
DeleteObject

comdlg32

FindTextW

advapi32

AllocateAndInitializeSid
OpenSCManagerW
RegLoadKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW
GetUserNameA
OpenServiceW
CloseServiceHandle
ControlService
RegSetValueExW

shell32

ShellExecuteW
Shell_NotifyIconW

oleaut32

SafeArrayGetLBound
SafeArrayPtrOfIndex
SafeArrayCreate

Sections

.text
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2734b1d79f34f39b7eef590103492a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 407KB - Virtual size: 407KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 21KB - Virtual size: 1.6MB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 407KB - Virtual size: 407KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 21KB - Virtual size: 1.6MB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 15KB