7289cab1f3e1d32b8383de976fa7bec0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

7289cab1f3e1d32b8383de976fa7bec0N.exe
Size

1.4MB
MD5

7289cab1f3e1d32b8383de976fa7bec0
SHA1

18300043708d86eb7bca8b156aaab889de32a14a
SHA256

83311a82f453e91df122340ff10b60a6cd4cfb71dd2d5735c332c9927677819c
SHA512

e248037adcb1d002fcd9c46747ca3d5e03f2fca31485ff760705e18e71310d4888006d4efa1b41108bb46e4216c0287695d44470c003bb2fec4d95428c883044
SSDEEP

24576:7kstgKtTuok1ZZFr9Ha8q5GQQpfnmcUsRxPFh:7vJTU95QQnRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7289cab1f3e1d32b8383de976fa7bec0N.exe

Files

7289cab1f3e1d32b8383de976fa7bec0N.exe
.exe windows:5 windows x86 arch:x86

4bc5045c16b588a22a656902a260cb05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsExA
SetupDiGetDeviceInfoListDetailA
CM_Get_Device_ID_ExA
SetupDiSetClassInstallParamsA
SetupDiGetDeviceInstallParamsA
SetupCopyOEMInfA
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

kernel32

LocalReAlloc
DeleteCriticalSection
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
InitializeCriticalSection
RtlUnwind
RaiseException
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitProcess
HeapSize
GetACP
IsValidCodePage
HeapCreate
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalHandle
GlobalReAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetModuleHandleW
WritePrivateProfileStringA
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
SetLastError
GlobalFree
GlobalAlloc
FormatMessageA
ResumeThread
MulDiv
GlobalLock
GlobalUnlock
WaitNamedPipeA
GetCurrentProcessId
ProcessIdToSessionId
FlushFileBuffers
VirtualAlloc
VirtualFree
GetWindowsDirectoryA
GetModuleFileNameA
SetFilePointer
GetFileSize
ReadFile
MultiByteToWideChar
FindFirstFileA
CreateFileA
WriteFile
FindClose
DeleteFileA
lstrlenA
LocalFree
LocalAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExA
GetCurrentDirectoryA
InterlockedExchange
GetStdHandle
WideCharToMultiByte
SizeofResource
Sleep
GetTickCount
TerminateThread
WaitForSingleObject
ReleaseMutex
CreateMutexA
SetEvent
CloseHandle
CreateEventA
WaitForMultipleObjects
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetLastError
FindResourceA
LoadResource
LockResource

user32

DestroyMenu
UnregisterClassA
LoadCursorA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
InvalidateRect
EnableWindow
SendMessageA
GetWindowRect
GetClientRect
GetDC
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowPos
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
EndPaint
BeginPaint
GetPropA
ReleaseDC
GetParent
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
MessageBoxA
ShowWindow
SetForegroundWindow
FindWindowA
PostMessageA
GetSysColorBrush
GetSysColor
KillTimer
SetWindowLongA
GetWindowLongA
SetTimer
LoadBitmapA
FillRect
LoadIconA
ClientToScreen
ScreenToClient
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SystemParametersInfoA

gdi32

GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetStockObject
GetDeviceCaps
StretchBlt
CreateSolidBrush
Escape
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
ExtTextOutA
GetPixel
BitBlt
CreateCompatibleBitmap
CreateFontIndirectA
GetObjectA
SelectObject
CreateCompatibleDC
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
ChangeServiceConfig2A
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
CreateServiceA
RegQueryInfoKeyA
RegEnumValueA
StartServiceA
CloseServiceHandle
ControlService
DeleteService
RegSetValueExA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
QueryServiceStatus
QueryServiceConfigA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bc5045c16b588a22a656902a260cb05

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 261KB - Virtual size: 261KB

.rdata Size: 65KB - Virtual size: 64KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 261KB - Virtual size: 261KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 39KB - Virtual size: 39KB