46d05720c624acde89e6d8a3441f4d80N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

46d05720c624acde89e6d8a3441f4d80N.exe
Size

1.4MB
MD5

46d05720c624acde89e6d8a3441f4d80
SHA1

807cec6ed3f9a5d231aae350daf1fe9d1786104e
SHA256

b75d5ff17f03b8cb3a26a66ecdb9a253ae05a2e9c36bf573880bdba7d6d7e94a
SHA512

884388b9ae8f5d999d7de30fac0ec9b5f4e67adecb9c6632bf2d3490d60df2b1415ad35031a11d2220ca997a0b8a539211e62bd153a121d88d42511b59e21696
SSDEEP

24576:zDIFsuFP4MgmgImi667nizFh11EQUqrBknG1Kn2AHzLVNX33va:z4Zy9zxz1EQLOG102qP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46d05720c624acde89e6d8a3441f4d80N.exe

Files

46d05720c624acde89e6d8a3441f4d80N.exe
.dll regsvr32 windows:6 windows x86 arch:x86

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msjet40.pdb

Imports

mswstr10

ord2
ord4
ord1

advapi32

GetUserNameA
OpenThreadToken
SetThreadToken
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetEnvironmentVariableA
ReadConsoleW
GetDriveTypeA
SetStdHandle
DisableThreadLibraryCalls
CreateFileA
DeleteFileA
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLocalTime
GetTickCount
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetProcAddress
GetTempPathA
GetUserDefaultLCID
FindClose
FindFirstFileA
Sleep
LoadLibraryExA
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
GetFileSize
GetFileType
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ResumeThread
GetSystemInfo
GlobalMemoryStatus
GetComputerNameA
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
WideCharToMultiByte
GetNumberFormatA
GetCurrencyFormatA
CreateFileW
DeleteFileW
FindFirstFileW
SetFilePointerEx
GetDriveTypeW
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetTempPathW
SetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GetShortPathNameA
GetTempFileNameA
GetComputerNameW
GetLocaleInfoW
IsDBCSLeadByte
GetCurrentThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
HeapReAlloc
EncodePointer
DecodePointer
RtlUnwind
GetStdHandle
GetModuleHandleExW
WriteConsoleW
RaiseException
ExitThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
AreFileApisANSI
GetTimeZoneInformation
HeapSize
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysStringLen

user32

CharUpperW
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

809283495e041b665af5e9393d46f5cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mswstr10

advapi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.data Size: 29KB - Virtual size: 304KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 171KB - Virtual size: 171KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 29KB - Virtual size: 304KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 171KB - Virtual size: 171KB