454345e4eec9296cdaf7febeacdd66b0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

454345e4eec9296cdaf7febeacdd66b0N.exe
Size

305KB
MD5

454345e4eec9296cdaf7febeacdd66b0
SHA1

ea4bd2154d40ba5fa61ffd9fd10e9bcf01dfb97a
SHA256

56718ecd170133150e16dd60aebb601350e87a1e324cea7e6bae5fe344b0fe7a
SHA512

de82ae71ea767799b6087cba7ecd2bf6aa73d5bb56f6f259aba9e473ca6ff9b36cd0590ba6af7bbd52bcddb8fb31a7b9208d8b69982e6314596b074f92df03f7
SSDEEP

6144:Z87AmIPc90rCJ0RTce4glW8sn6ILwtNUroDrIgnTRvriTK72IZVRaNyw5ZGg:RmIPc+rCJ0b4g48FIloDrBnTR2caz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
454345e4eec9296cdaf7febeacdd66b0N.exe

Files

454345e4eec9296cdaf7febeacdd66b0N.exe
.exe windows:4 windows x86 arch:x86

a50cbc547fa49571d6ac6fa9649a4ab4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
CreateMutexA
InterlockedIncrement
SetTimeZoneInformation
RtlUnwind
GetStartupInfoW
CreateSemaphoreA
GetCurrentProcess
GetLocaleInfoW
VirtualAlloc
IsValidLocale
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetEnvironmentStringsW
lstrcatA
GetDateFormatA
EnterCriticalSection
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetStartupInfoA
ExitProcess
GetCPInfo
GetOEMCP
WriteFile
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameW
DeleteCriticalSection
GetUserDefaultLCID
QueryPerformanceCounter
Sleep
MultiByteToWideChar
GetFileAttributesExA
LeaveCriticalSection
SetLastError
CompareStringW
HeapAlloc
GetLastError
HeapFree
GetFileAttributesW
VirtualFree
GetCurrentProcessId
CreateMailslotA
GetStdHandle
WideCharToMultiByte
SetEnvironmentVariableA
GetTimeZoneInformation
GetNamedPipeInfo
GetCommandLineW
GetStringTypeA
EnumSystemLocalesA
TlsGetValue
SetConsoleCtrlHandler
DeleteAtom
GetSystemInfo
UnhandledExceptionFilter
TlsSetValue
TlsFree
GetTempPathA
EnumSystemLocalesW
LCMapStringW
GetThreadPriority
CompareStringA
SetConsoleCP
GetTimeFormatA
GetProcAddress
GetCurrentThread
GetFileType
WriteConsoleA
InterlockedDecrement
InterlockedExchange
HeapCreate
TlsAlloc
GetLocaleInfoA
VirtualQuery
SetUnhandledExceptionFilter
SetHandleCount
GetDriveTypeW
IsDebuggerPresent
GetCurrentThreadId
HeapDestroy
CreateDirectoryW
TerminateProcess
GetACP
HeapSize
CreateFileMappingA
GetModuleHandleA
LCMapStringA
GetModuleHandleW
GetStringTypeW

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameA
PageSetupDlgA
PrintDlgW
FindTextA
GetFileTitleA
PageSetupDlgW
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
PrintDlgA
ChooseColorA
GetSaveFileNameA
LoadAlterBitmap
ReplaceTextA
ReplaceTextW

wininet

FindNextUrlCacheContainerW
DeleteUrlCacheContainerA
InternetAlgIdToStringA
InternetWriteFile

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a50cbc547fa49571d6ac6fa9649a4ab4

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

Sections

.text Size: 150KB - Virtual size: 149KB

.data Size: 141KB - Virtual size: 140KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 150KB - Virtual size: 149KB

.data
Size: 141KB - Virtual size: 140KB

.rsrc
Size: 13KB - Virtual size: 13KB