6431f72718aa3d601c756fd49954a0f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6431f72718aa3d601c756fd49954a0f0N.exe
Size

792KB
MD5

6431f72718aa3d601c756fd49954a0f0
SHA1

7b8d5c8cb0ad384dff7fdadee7142da757714622
SHA256

72aa8c838b5c92f2c1b5461641925ef32c9571a750e57b41dfcab8a52fd162c3
SHA512

231f8d20bd825f795cf784ec5e26369e7f8593e549cf13264b868c0601a5101c90b7f81887076aa2085548ed3921f89403c91faa0e6f3e748164d4cbc26f9ea7
SSDEEP

24576:oUsvPWgnMOy8PYeoaTid6frLQFjEpbo91tyK+r:wvPWVf69Tid6oF4Zk0K+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6431f72718aa3d601c756fd49954a0f0N.exe

Files

6431f72718aa3d601c756fd49954a0f0N.exe
.exe windows:4 windows x86 arch:x86

266e7e5eebecec087c86a1d597197c66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\tsjqjkbz\

Imports

comdlg32

GetFileTitleW

comctl32

ImageList_Merge
ImageList_Create
InitCommonControlsEx
ImageList_GetBkColor
ImageList_GetFlags

user32

WINNLSGetEnableStatus
GetTitleBarInfo
SetKeyboardState
CreateAcceleratorTableW
SwitchDesktop
ShowWindow
RegisterClipboardFormatA
RegisterDeviceNotificationW
CallWindowProcA
GetClipboardData
DdeCreateDataHandle
DdeQueryStringW
MessageBoxW
RegisterClassW
GetDesktopWindow
DefWindowProcW
EnumDesktopsW
SetMessageExtraInfo
BeginDeferWindowPos
DdeCmpStringHandles
EnumWindowStationsA
MapVirtualKeyExA
OpenWindowStationW
EnumWindows
GetWindowDC
ToUnicode
SetRect
CreateWindowExA
DialogBoxParamA
ChangeDisplaySettingsW
OemToCharBuffA
LookupIconIdFromDirectoryEx
RegisterClassA
GetKeyboardLayoutNameW
RegisterClassExA
DdeImpersonateClient
GetDlgCtrlID
ChangeDisplaySettingsA
BlockInput
GetFocus
DestroyWindow
GetActiveWindow
EndDeferWindowPos
SetLastErrorEx
EnableWindow

kernel32

HeapReAlloc
SetConsoleCtrlHandler
GetFileType
CompareStringA
HeapAlloc
SetStdHandle
GetEnvironmentStringsW
LCMapStringA
MultiByteToWideChar
SetHandleCount
GetStdHandle
CreateFileA
GetConsoleMode
DeleteCriticalSection
GetModuleHandleW
WriteConsoleW
GetTimeFormatA
RtlUnwind
GetSystemTimeAsFileTime
VirtualQuery
GetCPInfo
GetStartupInfoW
SystemTimeToFileTime
GetLastError
GetLocaleInfoW
FlushFileBuffers
WideCharToMultiByte
HeapDestroy
TlsSetValue
VirtualAlloc
GetLocaleInfoA
EnterCriticalSection
HeapFree
GetStringTypeA
LoadLibraryA
TerminateProcess
VirtualFree
GetStartupInfoA
GetConsoleOutputCP
GetACP
CompareStringW
TlsAlloc
FreeLibrary
IsValidCodePage
GetCurrentThread
GetModuleFileNameW
GetModuleHandleA
GetConsoleCP
UnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetPrivateProfileSectionNamesW
GetCurrentProcessId
TlsFree
SetUnhandledExceptionFilter
Sleep
HeapSize
CreateMailslotA
GetCommandLineA
LCMapStringW
WriteFile
GetProcAddress
OpenMutexA
InterlockedDecrement
lstrcatW
SetFilePointer
GetStringTypeW
TlsGetValue
GetCurrentProcess
QueryPerformanceCounter
GetDriveTypeW
ReadFile
GetUserDefaultLCID
InterlockedIncrement
ExitProcess
InterlockedExchange
GetOEMCP
HeapCreate
IsDebuggerPresent
GetCommandLineW
SetEnvironmentVariableA
LocalReAlloc
LeaveCriticalSection
GetTimeZoneInformation
GetCalendarInfoA
GetDateFormatA
FreeEnvironmentStringsW
IsValidLocale
GetModuleFileNameA
FillConsoleOutputAttribute
WriteConsoleA
GetTickCount
CloseHandle
CreateMutexA
EnumSystemLocalesA

gdi32

CreateEnhMetaFileA
CreateBrushIndirect
SetMagicColors
CreateDCW
LineDDA
GetObjectW
GetTextCharsetInfo
RectInRegion
GetObjectA
CreateBitmapIndirect
DeleteDC
MoveToEx
GetObjectType
GetDeviceCaps
GetMetaFileW
SelectClipRgn
SetMapperFlags
CreateDIBSection
LineTo
StretchDIBits
GetTextExtentPointA

advapi32

CryptEnumProviderTypesA
LookupAccountNameA
RegReplaceKeyW
RegSetValueExA
CryptSignHashW
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
CryptReleaseContext
CryptGetUserKey
LookupAccountNameW
RegConnectRegistryA
RegLoadKeyA
RegNotifyChangeKeyValue
LookupPrivilegeDisplayNameA
CryptAcquireContextA
CryptGetDefaultProviderW
CryptSetProviderExA
RevertToSelf

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 388KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

266e7e5eebecec087c86a1d597197c66

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

user32

kernel32

gdi32

advapi32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 388KB - Virtual size: 384KB

.data Size: 144KB - Virtual size: 151KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 388KB - Virtual size: 384KB

.data
Size: 144KB - Virtual size: 151KB

.rsrc
Size: 60KB - Virtual size: 57KB