7d1d215221ca0cf1399994bf3041d610N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

7d1d215221ca0cf1399994bf3041d610N.exe
Size

480KB
MD5

7d1d215221ca0cf1399994bf3041d610
SHA1

a922d865f53d3bb1cba6904852768dc59104dc26
SHA256

90742e3bfaf481b26d57dbb8e109b895e4c36c9cab8988f469715585653235bc
SHA512

3ae40ed249d45eff998184bd7417164c79184b62442b48eef6f86eab05950a3f692eb992bae1e642d619ba94d541e1a914ff843ce343916b171df22c4d0e244a
SSDEEP

12288:aVGloJrP/3o8AdFPtxeF2QOpUYzi+T3y6r+f7qtwET:aoQrP/HSFx+xPY1Ty6yf+tw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d1d215221ca0cf1399994bf3041d610N.exe

Files

7d1d215221ca0cf1399994bf3041d610N.exe
.exe windows:4 windows x86 arch:x86

bc35c91c3d95dce921f01a436869fe69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\NTOHMPM\MYJPXE\EGQEQYT\FLEAEALIE\TEEE\TXCN.PDB

Imports

comdlg32

FindTextA
GetFileTitleA
PrintDlgW
ChooseFontW

kernel32

GetFileType
VirtualQuery
GetCPInfo
OpenMutexA
ExitProcess
TlsGetValue
VirtualFree
SetLastError
LoadLibraryA
SetConsoleCP
TlsAlloc
DeleteCriticalSection
GetCommandLineA
SetFilePointer
HeapAlloc
SetEnvironmentVariableA
InterlockedExchange
GetStartupInfoA
GetStdHandle
GetStringTypeA
CompareStringW
GetSystemTime
LeaveCriticalSection
CompareStringA
ReadFile
GetStartupInfoW
FreeEnvironmentStringsW
InterlockedDecrement
GetProcAddress
HeapCreate
HeapDestroy
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetModuleFileNameW
GetTimeZoneInformation
GlobalAddAtomW
WriteFile
InitializeCriticalSection
CloseHandle
RtlUnwind
GetCurrentProcess
GetLastError
LCMapStringA
LCMapStringW
IsBadWritePtr
GetTickCount
TlsFree
TlsSetValue
SetStdHandle
GetModuleFileNameA
QueryPerformanceCounter
GetVersion
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WideCharToMultiByte
GetStringTypeW
GetCurrentThread
TerminateProcess
EnterCriticalSection
InterlockedIncrement
MultiByteToWideChar
GetSystemTimeAsFileTime
FlushFileBuffers
GetCommandLineW
GetProcessShutdownParameters
UnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
CreateMutexA
GetEnvironmentVariableW
SetHandleCount
GetModuleHandleA
HeapFree

comctl32

InitCommonControlsEx

user32

GetTabbedTextExtentW
GetTopWindow
SetMenu
GetMenuItemID
DlgDirListA
SendDlgItemMessageA
DrawFrame
CreateIconFromResourceEx
GetDCEx
RegisterClassA
CountClipboardFormats
DrawFrameControl
UnregisterHotKey
WinHelpA
RegisterClassExA

Sections

.text
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc35c91c3d95dce921f01a436869fe69

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

comctl32

user32

Sections

.text Size: 341KB - Virtual size: 340KB

.rdata Size: 19KB - Virtual size: 37KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 341KB - Virtual size: 340KB

.rdata
Size: 19KB - Virtual size: 37KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 14KB - Virtual size: 14KB