6774264506954cd2ddc1330ae19e7a20N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6774264506954cd2ddc1330ae19e7a20N.exe
Size

480KB
MD5

6774264506954cd2ddc1330ae19e7a20
SHA1

6d3e0e0c508a8abf2cfdcd95257aa57336873cbb
SHA256

6b1e8790438d5480b2bbc013e3ddae7aee67b4576d112afde54b3b07ef25dfe0
SHA512

8027f9d34c723ed290167ce44ee1405b816225023a9347d452658a16e9c630f910d271dd6efafeeb1793748f5eeb9028b8bf9e76f14a4c9218cf952fed17ee46
SSDEEP

12288:80gYnRMzmDrb7+j1Q2DYloa82VkknAfofZKq4jfi3MYz:lgYRMST9RlgsfJEfQFz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6774264506954cd2ddc1330ae19e7a20N.exe

Files

6774264506954cd2ddc1330ae19e7a20N.exe
.exe windows:4 windows x86 arch:x86

6053988941ba383a8642cf93258a943f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dp

Imports

shell32

CommandLineToArgvW
SHInvokePrinterCommandW
ExtractIconExW
SHFreeNameMappings
DragQueryFile

kernel32

GetVersion
CopyFileA
HeapReAlloc
CompareStringA
TlsGetValue
GetCPInfo
GetModuleFileNameA
TlsFree
TlsAlloc
GetLocalTime
FreeEnvironmentStringsW
WaitForDebugEvent
HeapDestroy
MultiByteToWideChar
FileTimeToSystemTime
InterlockedExchange
HeapCreate
GetSystemTime
LCMapStringW
GetCurrentProcessId
CompareStringW
GetCurrentThread
IsBadWritePtr
LoadLibraryA
RtlUnwind
GetModuleFileNameW
HeapAlloc
LeaveCriticalSection
QueryPerformanceCounter
GetFileType
GetSystemTimeAsFileTime
DeleteCriticalSection
GetTickCount
GetEnvironmentStringsW
SetLastError
WriteFile
GetEnvironmentStrings
GetStartupInfoA
GetStringTypeA
SetEnvironmentVariableA
GetCurrentProcess
InitializeCriticalSection
TerminateProcess
GetCommandLineW
SetHandleCount
GetStringTypeW
GetStdHandle
TlsSetValue
CreateNamedPipeA
OpenMutexA
WideCharToMultiByte
GetCurrentThreadId
VirtualFree
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
ExitProcess
SetFilePointer
LCMapStringA
CreateMutexA
SetStdHandle
GetCommandLineA
GetLastError
GetTimeZoneInformation
CloseHandle
HeapFree
ReadFile
GetStartupInfoW
InterlockedIncrement
VirtualAlloc
FlushFileBuffers
VirtualQuery
FreeEnvironmentStringsA
InterlockedDecrement
EnterCriticalSection

wininet

GopherCreateLocatorW
FindNextUrlCacheGroup
GopherGetAttributeW

user32

RegisterClassA
CreateDialogIndirectParamA
DispatchMessageW
RegisterClassExA
LoadStringW
IsClipboardFormatAvailable

comctl32

InitCommonControlsEx

comdlg32

GetOpenFileNameA
FindTextW

Sections

.text
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6053988941ba383a8642cf93258a943f

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

wininet

user32

comctl32

comdlg32

Sections

.text Size: 319KB - Virtual size: 318KB

.rdata Size: 38KB - Virtual size: 55KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 319KB - Virtual size: 318KB

.rdata
Size: 38KB - Virtual size: 55KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 19KB - Virtual size: 19KB