768aa3d97055a4cdc74bc061264643a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

768aa3d97055a4cdc74bc061264643a0N.exe
Size

491KB
MD5

768aa3d97055a4cdc74bc061264643a0
SHA1

e1f9c616e37d2e79972e9848674b3e067ca67680
SHA256

6eee27a4dceaabeee40e095a752e496a6741d972e7714e6916607d10622b0613
SHA512

f04c236abf41efa3c2c318fe110d9e9d0f30320e51e436b08e31f123655f543a534d1685be37a11274260b4cfba8439f0d6d7903eea28a3c679d37bb6fc0fc9c
SSDEEP

12288:uxkEeJ3xsYE1EnBGHfDJXGsDoqGTCsoeWBf8:MkE661EBsZVIBEf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768aa3d97055a4cdc74bc061264643a0N.exe

Files

768aa3d97055a4cdc74bc061264643a0N.exe
.exe windows:4 windows x86 arch:x86

e26972a48a0c1711af3096a2d94f9ae0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetCurrentThreadId
TlsSetValue
GetPrivateProfileSectionNamesW
SetConsoleCtrlHandler
HeapDestroy
IsValidLocale
GetCurrentProcess
LeaveCriticalSection
GetTimeZoneInformation
EnumCalendarInfoExA
MultiByteToWideChar
QueryPerformanceCounter
HeapFree
GetLocaleInfoW
UnhandledExceptionFilter
EnterCriticalSection
EnumDateFormatsW
GetProcAddress
SetEnvironmentVariableA
GetStringTypeA
HeapAlloc
GetModuleHandleA
FindResourceExW
SetStdHandle
TerminateProcess
TlsAlloc
GetVersionExA
MoveFileA
GetTickCount
GetExitCodeThread
FlushFileBuffers
IsDebuggerPresent
GetStartupInfoA
VirtualAlloc
GetConsoleOutputCP
CloseHandle
SetConsoleCursorInfo
LCMapStringW
GetFileType
Sleep
EnumSystemLocalesW
DeleteCriticalSection
WriteConsoleW
GetStdHandle
GetTimeFormatA
SetLastError
GetProcessHeap
LoadLibraryA
GetEnvironmentStringsW
CreateMailslotW
CreateEventA
GetCommandLineA
HeapSize
SetUnhandledExceptionFilter
GetEnvironmentStrings
SetFilePointer
CompareStringW
GetLocaleInfoA
GetDateFormatA
EnumDateFormatsExW
lstrcmpW
FreeEnvironmentStringsW
LCMapStringA
SetHandleCount
OpenWaitableTimerA
GetCurrentThread
GetLastError
GetConsoleMode
GetCPInfo
ExitProcess
GetTempPathW
ReadFile
WriteProfileSectionW
GetSystemTimeAsFileTime
InterlockedExchange
GetModuleFileNameA
GetOEMCP
RtlUnwind
GetACP
IsValidCodePage
lstrcpyA
GetStringTypeW
HeapReAlloc
CreateFileA
InitializeCriticalSection
GetConsoleCP
OpenFileMappingW
CompareStringA
VirtualQuery
OpenMutexA
GetUserDefaultLCID
WriteFile
EnumSystemLocalesA
GetCurrentProcessId
WideCharToMultiByte
CreateMutexA
SleepEx
WriteConsoleA
FreeLibrary
VirtualFree
FreeEnvironmentStringsA
TlsGetValue
TlsFree
InterlockedDecrement
InterlockedIncrement
HeapCreate

gdi32

SetFontEnumeration
CopyEnhMetaFileW
SetICMMode
PolylineTo
StartPage
GetGlyphOutlineW
WidenPath
SetMagicColors
GdiGetBatchLimit
GetKerningPairsA
CreateScalableFontResourceW
GetArcDirection
GetGlyphOutline
GetMetaFileBitsEx

user32

ChildWindowFromPointEx
MapVirtualKeyExA
SetDeskWallpaper
RegisterClassA
RegisterClassExA

advapi32

RegCreateKeyA
RegRestoreKeyA
CryptVerifySignatureA
RegDeleteValueW
RegEnumKeyExA
RegFlushKey
LogonUserA
DuplicateTokenEx
RegDeleteValueA
LookupPrivilegeNameA
RegLoadKeyA
AbortSystemShutdownW
CryptDestroyHash
CryptDeriveKey
CryptAcquireContextW
RegRestoreKeyW
RegConnectRegistryW
CryptGetDefaultProviderA
CreateServiceW
CryptSetProviderA
RegCloseKey
InitializeSecurityDescriptor
CreateServiceA
CryptExportKey
LookupAccountNameA

wininet

InternetDial
InternetSetDialStateW
InternetGetLastResponseInfoW
HttpSendRequestW
FindCloseUrlCache
InternetAttemptConnect

comdlg32

FindTextW

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e26972a48a0c1711af3096a2d94f9ae0

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

user32

advapi32

wininet

comdlg32

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 39KB - Virtual size: 49KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 39KB - Virtual size: 49KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 11KB - Virtual size: 10KB