42e59c588c65bc9e3808145496f9d7a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

42e59c588c65bc9e3808145496f9d7a0N.exe
Size

227KB
MD5

42e59c588c65bc9e3808145496f9d7a0
SHA1

32ee07b81a42fb9005c4e89543990954013f8915
SHA256

0f6eb1a728d82ef5d247a1be3d1ec3b2782be95ab7afb0ece7173bdc824b5488
SHA512

e913c00faed48956365cb986e8d37dedf00c043218bd9e2b00543baebeb9766123b8175831664a269343197b7f564d1ae3ad2373f62e3f49105167dea3753111
SSDEEP

3072:ex/sOFAWqz5HHF0rD5iRS9b+2NxGfKx5M/pPh1GcZW32oBPQgJOnX9CNhZ8gmg3G:QU9WkHHFEDqSJ+UGa54pDW32ciZgH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e59c588c65bc9e3808145496f9d7a0N.exe

Files

42e59c588c65bc9e3808145496f9d7a0N.exe
.exe windows:4 windows x86 arch:x86

76646734a780abbf81f0e3764279379a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinA
SHFileOperationA
SheChangeDirA
SHGetPathFromIDListA
SHInvokePrinterCommandW
DragQueryPoint
ExtractIconExA
DuplicateIcon
SheGetDirA
SHQueryRecycleBinA
FreeIconList
SHGetFileInfoA
SHGetNewLinkInfo
SHQueryRecycleBinW

wininet

InternetAlgIdToStringA
GetUrlCacheGroupAttributeA
FtpCommandW
InternetGoOnlineA
FindFirstUrlCacheContainerW
InternetCheckConnectionA
HttpAddRequestHeadersW
InternetTimeFromSystemTime
InternetSecurityProtocolToStringW
ReadUrlCacheEntryStream
SetUrlCacheEntryGroupA
InternetQueryFortezzaStatus
InternetCreateUrlA
DeleteUrlCacheContainerW
InternetAlgIdToStringW
InternetCloseHandle
InternetUnlockRequestFile
HttpQueryInfoW
UnlockUrlCacheEntryFileA
InternetConnectA
FtpCommandA
SetUrlCacheGroupAttributeA
FtpFindFirstFileA
RetrieveUrlCacheEntryFileA

user32

ValidateRect
UnhookWinEvent
DdeInitializeA
DeferWindowPos
CreateAcceleratorTableA
MsgWaitForMultipleObjects
DispatchMessageW

comdlg32

LoadAlterBitmap
PrintDlgW
ChooseColorA
GetOpenFileNameW
ReplaceTextW
ReplaceTextA
FindTextW
GetSaveFileNameW
GetFileTitleW
ChooseFontW
GetOpenFileNameA
FindTextA
PageSetupDlgA
ChooseFontA
ChooseColorW
GetFileTitleA
PageSetupDlgW

kernel32

FoldStringW
HeapDestroy
GetTickCount
CreateSemaphoreA
HeapAlloc
TerminateProcess
GetStartupInfoW
EnterCriticalSection
GetCommandLineA
TlsAlloc
FreeEnvironmentStringsW
VirtualFree
GetModuleFileNameW
InterlockedCompareExchange
HeapFree
VirtualProtect
GetVolumeInformationW
VirtualQuery
LeaveCriticalSection
ExitProcess
GetDriveTypeA
HeapReAlloc
GetModuleHandleA
HeapCreate
TlsSetValue
GetStdHandle
GetProfileSectionW
GetLastError
GetCommandLineW
GetEnvironmentStrings
GetCurrentThread
TlsGetValue
GetEnvironmentStringsW
EnumResourceNamesA
GetStartupInfoA
WriteFile
GetVersion
GetCurrentProcessId
GetModuleFileNameA
QueryPerformanceCounter
MultiByteToWideChar
SetHandleCount
GetCurrentThreadId
UnhandledExceptionFilter
RtlUnwind
WaitForSingleObject
FreeEnvironmentStringsA
SetLastError
GetCurrentProcess
GetSystemTimeAsFileTime
InitializeCriticalSection
LocalReAlloc
EnumCalendarInfoExW
GetProcAddress
GlobalHandle
VirtualAlloc
GetFileType
TlsFree
GetPrivateProfileSectionA
InterlockedExchange
IsBadWritePtr
GetWindowsDirectoryA
DeleteCriticalSection
GetLogicalDrives
lstrcpyA
LoadLibraryA

advapi32

CryptDeriveKey
RegOpenKeyW
CryptSetHashParam
CryptSetProviderExA
LookupPrivilegeDisplayNameA
CryptAcquireContextW
CreateServiceW
GetUserNameW
RegConnectRegistryA
CryptReleaseContext
LookupPrivilegeValueA
StartServiceA
RegLoadKeyA

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76646734a780abbf81f0e3764279379a

Headers

File Characteristics

Imports

shell32

wininet

user32

comdlg32

kernel32

advapi32

Sections

.text Size: 109KB - Virtual size: 108KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 109KB - Virtual size: 108KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 13KB - Virtual size: 12KB