5055935b628bef8a088704707fd43d30N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5055935b628bef8a088704707fd43d30N.exe
Size

484KB
MD5

5055935b628bef8a088704707fd43d30
SHA1

8438d7f19f9fbdf9f620ff0d73de418488249689
SHA256

0af9b65ff884e713c93190e483a207adf1923b55c985517cfc612b048d9b52ab
SHA512

c1ace16793499afe63b2030afecb78bae8737337284d980c328651d434b815628673e4782233c6b9e1038c6e10a670361fb36de11740d474e03c61b13161af12
SSDEEP

12288:uPcw9dXIsbfP5sCLoc03lGy7FRsX6t/+3+J22dX/lLZXM:GR4dv/rM2zLZXM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5055935b628bef8a088704707fd43d30N.exe

Files

5055935b628bef8a088704707fd43d30N.exe
.exe windows:4 windows x86 arch:x86

e257b73a2f20c7f706bb591f207e38e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
GetFileTitleW
PrintDlgA
ChooseFontW
LoadAlterBitmap
ReplaceTextA
ReplaceTextW
ChooseColorA
GetOpenFileNameA
PageSetupDlgW
GetFileTitleA
FindTextA
ChooseFontA

advapi32

CryptDecrypt
CryptSetProviderExA
LookupPrivilegeDisplayNameA
CryptExportKey
RegSetValueW
StartServiceA
DuplicateToken
CreateServiceA
CryptSetProvParam
RegCreateKeyW
RegConnectRegistryA
RegReplaceKeyA
RegCreateKeyExW
RegRestoreKeyA
InitiateSystemShutdownA
RevertToSelf
RegQueryMultipleValuesW
RegLoadKeyA
CryptGenKey
RegReplaceKeyW
DuplicateTokenEx

user32

LoadAcceleratorsA
ShowCursor
EnumPropsExA
TileChildWindows
ClipCursor
MapVirtualKeyExW
GetClassInfoW
PostThreadMessageW

shell32

SHFormatDrive
SHEmptyRecycleBinA
SHFileOperationW
SheChangeDirExW
SHQueryRecycleBinA
DragQueryFile
DragFinish
ExtractAssociatedIconA
SHFreeNameMappings
SHBrowseForFolderW
SheChangeDirA
SHLoadInProc
ShellExecuteEx
SHGetPathFromIDListA
RealShellExecuteA

kernel32

VirtualQuery
InterlockedDecrement
Sleep
CreateSemaphoreA
ReleaseMutex
SetLastError
TerminateProcess
TransmitCommChar
GetDateFormatA
WaitCommEvent
GetStringTypeW
WriteFile
FormatMessageA
EnumCalendarInfoW
GetLastError
LeaveCriticalSection
GetProcAddress
SetCriticalSectionSpinCount
GetTimeFormatA
GetCPInfo
GetVersionExA
GetLocaleInfoA
DeleteCriticalSection
GetStringTypeA
OpenWaitableTimerA
TlsFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
TlsGetValue
GetTickCount
ExitProcess
MultiByteToWideChar
GetCurrentThread
GetModuleHandleA
HeapSize
GetTimeFormatW
IsValidLocale
EnterCriticalSection
HeapAlloc
GetOEMCP
HeapDestroy
VirtualFree
FreeEnvironmentStringsA
HeapReAlloc
IsDebuggerPresent
LCMapStringA
CompareStringW
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsW
HeapCreate
WaitForMultipleObjectsEx
GetProcessHeap
SetConsoleCtrlHandler
LoadLibraryA
GetACP
GetCurrentProcessId
LCMapStringW
FreeLibrary
ConvertDefaultLocale
GetModuleFileNameA
ResumeThread
OpenEventA
GetCurrentThreadId
InterlockedExchange
RtlUnwind
GetStartupInfoA
TlsAlloc
GetSystemTimeAsFileTime
EnumSystemLocalesA
VirtualAlloc
InterlockedIncrement
GetCommandLineA
InitializeCriticalSection
IsValidCodePage
GetStdHandle
GetEnvironmentStringsW
GetUserDefaultLCID
SetEnvironmentVariableA
GetLocaleInfoW
HeapFree
GetTimeZoneInformation
CompareStringA
GetCurrentProcess
GetEnvironmentStrings
SetHandleCount
LocalShrink
WideCharToMultiByte
TlsSetValue

wininet

FtpRemoveDirectoryW
InternetCanonicalizeUrlA
FtpCommandW
InternetGetConnectedStateExW
InternetConnectW
FindFirstUrlCacheEntryExA
IsUrlCacheEntryExpiredA
FreeUrlCacheSpaceW
InternetCloseHandle
GopherFindFirstFileW
SetUrlCacheConfigInfoW
DetectAutoProxyUrl
SetUrlCacheHeaderData
HttpAddRequestHeadersA
GopherGetLocatorTypeW
InternetInitializeAutoProxyDll
FtpPutFileW

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e257b73a2f20c7f706bb591f207e38e8

Headers

File Characteristics

Imports

comdlg32

advapi32

user32

shell32

kernel32

wininet

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 6KB - Virtual size: 5KB