5e793ced7f626029103335db4f822830N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5e793ced7f626029103335db4f822830N.exe
Size

504KB
MD5

5e793ced7f626029103335db4f822830
SHA1

66ddc4e6af732c87c0d8592f6a9b557658874365
SHA256

a26aed3a4646ad185bdbc3721551fb025387d2b3dcce15b26f1c0b499884a56a
SHA512

749504c3247fa30315c8c9e83f8a5e766189e69b4cca61012919a81f995ca496ddf4f81c90737b82ff9e73f0c9b098de8cb86f5b1e09d14f67497dc918df0fef
SSDEEP

12288:WB2XUSipvUXfT8+4kSw2hyfoloTdKVlWdbwOs6hgQBV4rlhaVDy:WcX7ipvUXfT8+4kSw2hyfw0d8ubwOs63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e793ced7f626029103335db4f822830N.exe

Files

5e793ced7f626029103335db4f822830N.exe
.exe windows:4 windows x86 arch:x86

4af8634c4777f0d68e38ef11fc128556

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
MultiByteToWideChar
TlsSetValue
DeleteCriticalSection
OpenMutexA
GetCurrentThread
HeapFree
GetCurrentThreadId
CompareStringA
InitializeCriticalSection
CloseHandle
GetModuleFileNameA
LeaveCriticalSection
GetCurrentProcess
GetEnvironmentStrings
lstrlenA
GetSystemTime
GetStdHandle
lstrcpynW
HeapDestroy
CreateMutexA
VirtualQuery
SetTimeZoneInformation
ExitProcess
TlsFree
GetTimeFormatW
LCMapStringW
FindNextFileW
LoadLibraryA
SetStdHandle
FreeEnvironmentStringsW
GetCurrentProcessId
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
GetCPInfo
GetCommandLineA
SetEnvironmentVariableA
IsBadWritePtr
VirtualFree
GetTickCount
CompareStringW
GetVersion
GetStartupInfoA
GetStringTypeA
HeapAlloc
GetOEMCP
UnhandledExceptionFilter
WriteConsoleOutputW
TlsGetValue
OutputDebugStringW
ReadConsoleA
GetProcAddress
EnterCriticalSection
SetHandleCount
GetComputerNameA
GetStringTypeW
WideCharToMultiByte
FlushFileBuffers
GetConsoleCP
GetConsoleTitleW
WriteFile
GetAtomNameA
TlsAlloc
VirtualAlloc
FreeEnvironmentStringsA
SetLastError
HeapValidate
TerminateProcess
LCMapStringA
GetFileType
InterlockedDecrement
GetLocalTime
GetLastError
GetSystemTimeAsFileTime
GetSystemDirectoryW
ReadFile
EnumResourceTypesA
HeapCreate
RtlUnwind
GetACP
GetModuleHandleA
FoldStringW
HeapReAlloc
InterlockedExchange
InterlockedIncrement

comdlg32

GetSaveFileNameW

shell32

ExtractAssociatedIconA

gdi32

GetTextExtentPoint32A
SetBoundsRect
StartDocA
OffsetClipRgn
ExtFloodFill

wininet

InternetSetDialStateW
FindFirstUrlCacheEntryA
InternetQueryOptionW
DeleteUrlCacheEntryA
UpdateUrlCacheContentPath
InternetSetCookieW
InternetOpenA
GetUrlCacheConfigInfoW

comctl32

InitCommonControlsEx

user32

RegisterClassExA
UnpackDDElParam
ScrollWindow
LoadMenuIndirectA
RegisterClassA

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4af8634c4777f0d68e38ef11fc128556

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

gdi32

wininet

comctl32

user32

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 4KB - Virtual size: 9KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 4KB - Virtual size: 9KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 12KB - Virtual size: 11KB