6d961c1ded736ae978ff3236a87de650N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6d961c1ded736ae978ff3236a87de650N.exe
Size

528KB
MD5

6d961c1ded736ae978ff3236a87de650
SHA1

c0bbea3b17746b83791b14355915a3a5349987d4
SHA256

8e749bb8ee18410957eb9cd0556328e27ed5a7354579f78bdc09fa09b0b5fc15
SHA512

3c33cca88bcde2a15a41fdf140f2a27e7e7a864c609b7ba8e920c2fca34a5465ba3fb16f590a9b31ddc7dfe4fc1d0cb2acccd6aa5b86e75295ffcffce52d229e
SSDEEP

12288:wNqDc/2QdPZ4RgBT8UopsAk6MfBrjptIDS7Da1VcQcY:wNqDOiR6TU6A4LhuVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d961c1ded736ae978ff3236a87de650N.exe

Files

6d961c1ded736ae978ff3236a87de650N.exe
.exe windows:4 windows x86 arch:x86

d96a0630406b0459d2228380d96386a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetConsoleCP
WaitNamedPipeA
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentProcess
ReadConsoleInputW
IsValidLocale
SetFilePointer
GetModuleHandleA
LCMapStringW
EnumDateFormatsExA
SetConsoleCtrlHandler
GetCPInfo
FreeEnvironmentStringsA
SetLastError
CreateDirectoryExW
GetCurrentProcessId
HeapDestroy
HeapFree
FreeLibrary
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapCreate
WriteConsoleA
SetHandleCount
FindClose
GetStringTypeA
GetCurrentThreadId
GetLocaleInfoW
RtlUnwind
GetSystemDirectoryW
SetStdHandle
InitializeCriticalSection
TerminateProcess
FindFirstFileA
VirtualQuery
QueryPerformanceCounter
TlsAlloc
GetTickCount
TlsSetValue
InterlockedExchange
CreateFileA
GetStartupInfoA
GetVersionExA
SetEnvironmentVariableA
GetFileType
WriteFile
GetStdHandle
GetPrivateProfileSectionNamesW
WideCharToMultiByte
WriteConsoleW
DeleteCriticalSection
CloseHandle
VirtualFree
HeapAlloc
SetUnhandledExceptionFilter
EnterCriticalSection
LoadLibraryA
GetStartupInfoW
CommConfigDialogA
EnumSystemLocalesA
Sleep
lstrcmpiW
GetLastError
GetTimeZoneInformation
TlsGetValue
GetDateFormatA
GetCommandLineW
HeapReAlloc
CreateMutexA
FreeEnvironmentStringsW
GetACP
WaitForSingleObject
GetConsoleMode
FlushFileBuffers
GetEnvironmentVariableW
GetConsoleOutputCP
IsDebuggerPresent
LeaveCriticalSection
GetEnvironmentStringsW
InterlockedDecrement
TlsFree
FindResourceW
GetDriveTypeA
GetNamedPipeInfo
InterlockedIncrement
GetCommandLineA
CompareStringA
UnhandledExceptionFilter
GetThreadPriority
CompareStringW
SetPriorityClass
RemoveDirectoryW
GetModuleFileNameA
MultiByteToWideChar
GetSystemTimeAsFileTime
HeapSize
GetEnvironmentStrings
OpenMutexA
GetModuleFileNameW
VirtualAlloc
LCMapStringA
GetStringTypeW
GetCurrentThread
IsValidCodePage
ExitProcess
GetCalendarInfoW
GetFileAttributesW
GetTimeFormatA
GetProcAddress
ReadFile
GetOEMCP

advapi32

RegSetValueW
CryptDeriveKey
CryptSetProviderA
RegOpenKeyA
RegEnumKeyExA
CryptSetProviderExA
CryptAcquireContextA
RegSetKeySecurity
CryptEnumProvidersW
RegRestoreKeyA
CryptImportKey
RegEnumValueA

wininet

InternetGoOnlineA
InternetGoOnline
FtpCommandA

comdlg32

GetSaveFileNameA
FindTextA
GetSaveFileNameW

user32

CharUpperBuffW
RegisterClassA
PeekMessageW
GetMenuStringW
SetProcessDefaultLayout
LoadCursorA
RegisterClassExA
VkKeyScanW
wvsprintfW
ActivateKeyboardLayout
EndMenu
CreateDesktopA
DlgDirSelectExW
DdeAbandonTransaction
DdeFreeStringHandle
OpenWindowStationA
CreateWindowStationA
CountClipboardFormats
SetLastErrorEx
ReleaseDC
GrayStringA

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d96a0630406b0459d2228380d96386a0

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

wininet

comdlg32

user32

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 10KB - Virtual size: 20KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 10KB - Virtual size: 20KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 10KB - Virtual size: 9KB