6a249b935a78528fced1b5d14fcb5a30N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6a249b935a78528fced1b5d14fcb5a30N.exe
Size

342KB
MD5

6a249b935a78528fced1b5d14fcb5a30
SHA1

0097e239e943e45c1bcf819ed384ee8bc669983e
SHA256

1bb838f1a483e1644e3861328f37250c9c59faf8d1fc590386eec3c479fcc38b
SHA512

3661864193dd8e7cbfbfa91ab1b0c7b2b53d883da3433452e4d20e5af1fbcf9eaaadf5051adcbc4e9298091377cb802edc491b42f6b269497228ecada9114e93
SSDEEP

6144:y3o0JXjxvAizFN2bVhAyJYghc39bXsD1kZu3Y8OKDXrsqd1chqUCQpE0jZc7:y3XdnZ2VhJJYghc39bXsDsuI8ZDXDcha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a249b935a78528fced1b5d14fcb5a30N.exe

Files

6a249b935a78528fced1b5d14fcb5a30N.exe
.exe windows:4 windows x86 arch:x86

15fac6b66941ae6b9341377b0cfe49a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

gdi32

DPtoLP
InvertRgn
PlayMetaFile
GetCharABCWidthsFloatA
SetMiterLimit
Chord
SwapBuffers
GdiGetBatchLimit
ExtCreateRegion
AngleArc
EnumICMProfilesA
Ellipse
SetMetaRgn
PolylineTo
OffsetViewportOrgEx

kernel32

FreeEnvironmentStringsA
QueryPerformanceCounter
CompareStringW
TlsGetValue
GetFileType
FreeEnvironmentStringsW
HeapReAlloc
GetLocaleInfoA
GetCurrentThreadId
CreateProcessW
VirtualAlloc
CompareStringA
GetEnvironmentStringsW
GetTickCount
IsBadWritePtr
OpenMutexA
RtlUnwind
UnhandledExceptionFilter
LoadLibraryA
GetCurrentThread
SetStdHandle
VirtualQuery
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
GetCommandLineA
TlsSetValue
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
HeapFree
EnumSystemLocalesA
GetTimeFormatA
GetLastError
GetLocaleInfoW
IsValidCodePage
GetStdHandle
GetUserDefaultLCID
ExitProcess
LCMapStringW
GetStartupInfoW
FlushFileBuffers
TerminateProcess
SetEnvironmentVariableA
GetACP
GetVersionExA
SetHandleCount
IsValidLocale
CreateMutexA
LCMapStringA
GetStringTypeA
GetModuleFileNameA
CloseHandle
WriteFile
HeapDestroy
GetCommandLineW
CreateThread
VirtualFree
GetSystemTimeAsFileTime
GetStartupInfoA
GetCPInfo
TlsAlloc
GetDateFormatA
InitializeCriticalSection
HeapCreate
ReadFile
SetLastError
HeapAlloc
TlsFree
GetCurrentProcessId
GetSystemInfo
MultiByteToWideChar
GetTimeZoneInformation
WideCharToMultiByte
SetFilePointer
GetModuleFileNameW
GetEnvironmentStrings
GetCurrentProcess
GetStringTypeW
VirtualProtect
HeapSize
GetOEMCP

comdlg32

GetSaveFileNameA
GetOpenFileNameW
ReplaceTextW

user32

OpenDesktopA
GetDCEx
GetClipboardViewer
CloseWindow
DestroyWindow
SetMenuDefaultItem
LoadStringW
FreeDDElParam
DestroyMenu
IsWindowEnabled
RegisterClassA
SetWindowPlacement
FlashWindow
RegisterDeviceNotificationA
CopyIcon
DefMDIChildProcA
CreateDialogIndirectParamA
ChildWindowFromPointEx
DlgDirListW
AnyPopup
MapDialogRect
RegisterClassExA
UpdateWindow
DdeReconnect
CreateMenu
BringWindowToTop

advapi32

RegCreateKeyExA
CryptEnumProvidersW
RegRestoreKeyA
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHUpdateRecycleBinIcon
InternalExtractIconListW

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15fac6b66941ae6b9341377b0cfe49a6

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

comdlg32

user32

advapi32

shell32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 8KB - Virtual size: 20KB

.data Size: 146KB - Virtual size: 146KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 8KB - Virtual size: 20KB

.data
Size: 146KB - Virtual size: 146KB

.rsrc
Size: 14KB - Virtual size: 14KB