6b5d029bd812eb3fabdf6b973fc00c50N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6b5d029bd812eb3fabdf6b973fc00c50N.exe
Size

428KB
MD5

6b5d029bd812eb3fabdf6b973fc00c50
SHA1

436fbf978d47a0a2393f7c38c0877427012aeb83
SHA256

f6c9fb3b2100f623bc4c4defbbc22d1fde85a92a421f62772c27189ca7b7b610
SHA512

37c8aeeef8c222e4458bc817b95aa52fac8284925eef0cdbf84af301acafe0718e82071a5af3b63a8f419cca64a7b4649557c482033ae30cc24afc744bd5bf6f
SSDEEP

12288:z8TbPC5r8Z0ziXOiHD77Vilp/XXCeEapAIcUs9jZ9jiy:z8TLA70Oig1HCeps3tiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b5d029bd812eb3fabdf6b973fc00c50N.exe

Files

6b5d029bd812eb3fabdf6b973fc00c50N.exe
.exe windows:4 windows x86 arch:x86

b65d53b426bffa53633662d1bcbcf40e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
CreateMenu
SetRectEmpty
VkKeyScanA
GetDlgItemInt
SetScrollRange
OemToCharBuffA
GetMenuBarInfo

shell32

RealShellExecuteW
SHUpdateRecycleBinIcon
SHGetDataFromIDListA
ShellAboutA
ShellAboutW
SHGetFileInfo
DragAcceptFiles
SHGetInstanceExplorer
SHGetFileInfoW
SHGetPathFromIDListA
ExtractIconW
FreeIconList
SHLoadInProc
FindExecutableA
InternalExtractIconListA
CommandLineToArgvW
SHGetFileInfoA
SHGetDesktopFolder
DragQueryPoint
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderA

gdi32

CreateEnhMetaFileA
CreateBitmap
GdiPlayScript
GetCharABCWidthsW
GetDeviceGammaRamp
GetICMProfileA
FlattenPath
GetPath
GetMetaFileW
GetTextMetricsW
SetMagicColors
GetColorAdjustment
GetGlyphOutlineW
CreateDCW
DeleteEnhMetaFile
SetBkMode
GetOutlineTextMetricsA
GetCharABCWidthsFloatA
PolyPolyline
GetObjectType
FloodFill
GetEnhMetaFileBits

wininet

FtpOpenFileW
InternetFindNextFileA
FindFirstUrlCacheEntryA
FtpDeleteFileW
FindNextUrlCacheEntryW
InternetGoOnlineA
InternetOpenUrlW
HttpOpenRequestW
InternetCheckConnectionA
FtpOpenFileA
HttpEndRequestW
DeleteUrlCacheGroup

kernel32

GetModuleHandleA
LeaveCriticalSection
GetVersion
UnlockFile
FreeEnvironmentStringsW
RtlUnwind
UnhandledExceptionFilter
GetFileType
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
HeapReAlloc
GetCommandLineA
VirtualAlloc
GetTimeZoneInformation
TlsAlloc
EnumDateFormatsExA
HeapDestroy
GetCurrentProcess
InterlockedExchange
TlsGetValue
GetDiskFreeSpaceA
SleepEx
GetModuleFileNameW
VirtualFree
HeapFree
DeleteCriticalSection
FreeEnvironmentStringsA
InitializeCriticalSection
GetStartupInfoA
GetCurrentThread
ExitProcess
HeapAlloc
LocalUnlock
GetLastError
SetThreadContext
GetCurrentProcessId
GetStdHandle
lstrcpyA
QueryPerformanceCounter
GetTickCount
MultiByteToWideChar
WriteFile
GetStartupInfoW
TlsSetValue
CreateMailslotA
GetEnvironmentStrings
GetSystemTimeAsFileTime
TerminateProcess
GetEnvironmentStringsW
HeapCreate
SetLastError
EnterCriticalSection
IsBadWritePtr
TlsFree
VirtualQuery
LoadLibraryA
GetCommandLineW
SetHandleCount

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b65d53b426bffa53633662d1bcbcf40e

Headers

File Characteristics

Imports

user32

shell32

gdi32

wininet

kernel32

Sections

.text Size: 111KB - Virtual size: 111KB

.data Size: 302KB - Virtual size: 302KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 111KB - Virtual size: 111KB

.data
Size: 302KB - Virtual size: 302KB

.rsrc
Size: 13KB - Virtual size: 13KB