5dfbf8585f17b7a416739065d56ac6d0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5dfbf8585f17b7a416739065d56ac6d0N.exe
Size

441KB
MD5

5dfbf8585f17b7a416739065d56ac6d0
SHA1

5aa9a37aa01e871c9f9034ccd46cf56e4f9c38ce
SHA256

803dc9ce97f89063b7ca4b6378aa29b7609e392b7de3e39cddc4bebb6107a81c
SHA512

5ab34120921704ce2f87225cf067ef082ef34c0e5bf8bac1055c901501e1916b8421f35e77522ffbc7df4710191e0d1b0dd5e09509567ecd768b626f2a133a41
SSDEEP

12288:84AfHIJOOsRTNgS380ZDrbsFlsR5mvUUKFdah:8JCqgkfrbs47gUtF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dfbf8585f17b7a416739065d56ac6d0N.exe

Files

5dfbf8585f17b7a416739065d56ac6d0N.exe
.exe windows:4 windows x86 arch:x86

4b070277f92b13c20724d8cdff416184

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
ReplaceTextW
GetOpenFileNameW
ChooseColorW
ChooseColorA
GetFileTitleA
GetFileTitleW
ChooseFontA

gdi32

GetTextCharacterExtra
EnumFontsA
FrameRgn
UpdateICMRegKeyW
GetCharABCWidthsW
EnumICMProfilesA
EndDoc
EnumFontsW
PatBlt
GetPixelFormat
GetCharWidthA
GetEnhMetaFileW
SelectClipRgn
SetWorldTransform
SetWinMetaFileBits
GetLogColorSpaceA
GdiSetBatchLimit
CreateDIBPatternBrushPt
PolylineTo

wininet

UnlockUrlCacheEntryFileA
InternetSetOptionExA
InternetQueryOptionA
InternetCreateUrlA
CreateUrlCacheEntryA

advapi32

RegDeleteValueW
CryptSetProviderW
RegEnumValueW
RegRestoreKeyA
LookupAccountNameW

kernel32

WriteFile
UnhandledExceptionFilter
GetLastError
InterlockedIncrement
GetEnvironmentStringsW
GetACP
IsDebuggerPresent
IsValidCodePage
InitializeCriticalSection
TlsSetValue
GetStringTypeW
WriteProfileStringA
GetStartupInfoA
GetSystemTimeAsFileTime
EnterCriticalSection
VirtualAlloc
GlobalFree
TerminateProcess
EnumSystemLocalesA
DeleteCriticalSection
HeapSize
SetLastError
GetLocaleInfoA
GetUserDefaultLCID
TlsAlloc
SetUnhandledExceptionFilter
ExitProcess
GetProcAddress
SetThreadContext
SetWaitableTimer
GetProcessHeap
VirtualQuery
IsValidLocale
SetConsoleCtrlHandler
GetCurrentThread
LoadLibraryA
RtlUnwind
GetTimeFormatA
TlsFree
WaitNamedPipeW
TlsGetValue
FindNextFileA
GetOEMCP
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
LeaveCriticalSection
FreeEnvironmentStringsW
GetStdHandle
WaitForDebugEvent
GetVersionExA
SetEnvironmentVariableA
OpenSemaphoreA
GetCurrentProcessId
GetConsoleTitleA
QueryPerformanceCounter
MultiByteToWideChar
GetPrivateProfileSectionNamesW
VirtualFree
HeapDestroy
TerminateThread
UnlockFileEx
GetDateFormatA
InterlockedDecrement
HeapReAlloc
WideCharToMultiByte
HeapAlloc
GetFileType
Sleep
LCMapStringA
GetCurrentProcess
GetCPInfo
SetThreadAffinityMask
GetTimeZoneInformation
HeapCreate
GetCommandLineA
InterlockedExchange
LCMapStringW
GetModuleHandleA
GetTickCount
SetHandleCount
GetLocaleInfoW
CompareStringW
GetCurrentThreadId
FreeLibrary
GetStringTypeA
CompareStringA
HeapFree
InitializeCriticalSectionAndSpinCount

shell32

ExtractIconExA
DuplicateIcon
CommandLineToArgvW
RealShellExecuteA
ShellExecuteA
SheChangeDirA
SHGetSpecialFolderPathW
DragAcceptFiles
SHLoadInProc
FindExecutableW

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b070277f92b13c20724d8cdff416184

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

advapi32

kernel32

shell32

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 4KB - Virtual size: 4KB