76fbae3699a912c9617829b9cbf9ee00N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

76fbae3699a912c9617829b9cbf9ee00N.exe
Size

447KB
MD5

76fbae3699a912c9617829b9cbf9ee00
SHA1

02c1fbd43b03988f357cec44d688fb76f618374d
SHA256

ea5e9cbec812ee25ce18664b27fd1a078025245af3f06e83fe3334cace54a3d1
SHA512

35f800f531ccdeba08e707a781a358dca91045df6ac15ba67103295ed2840a388128ac904f1a6efe92ac445cf40feec167ad77b70f1be478811583cee531d8e2
SSDEEP

12288:Rbzpk4xLbzQ7CdZ+7RQoPHCDdMzX39e4/w+y+d+JNdS:dz91ssGCJCn9+GKzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76fbae3699a912c9617829b9cbf9ee00N.exe

Files

76fbae3699a912c9617829b9cbf9ee00N.exe
.exe windows:4 windows x86 arch:x86

df05182545e029013a5fb5770a224d00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetStringTypeW
GlobalReAlloc
GetCurrentDirectoryW
GetLocaleInfoA
GetProcessShutdownParameters
HeapAlloc
LoadLibraryA
TlsGetValue
LCMapStringW
VirtualFree
EnumResourceLanguagesW
GetEnvironmentStringsA
EnumSystemLocalesA
TlsAlloc
TlsFree
DeleteCriticalSection
GetStartupInfoA
GetStdHandle
GetMailslotInfo
SetHandleCount
GetCPInfo
GetStringTypeA
GetCommandLineA
FreeLibrary
GetTimeZoneInformation
UnhandledExceptionFilter
GetOEMCP
GetProcAddress
lstrcpyA
GetLocaleInfoW
WriteFile
GetTempPathW
GetACP
FillConsoleOutputCharacterA
GetUserDefaultLCID
VirtualQuery
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
HeapCreate
TlsSetValue
GetLastError
HeapReAlloc
IsValidLocale
ExitProcess
EnumCalendarInfoExA
WritePrivateProfileSectionW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
InitializeCriticalSection
GetModuleHandleA
GetEnvironmentStrings
HeapDestroy
HeapSize
GetCurrentThreadId
SetEnvironmentVariableA
VirtualProtect
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
IsBadWritePtr
FreeEnvironmentStringsA
GetSystemDefaultLangID
GetTickCount
GetTimeFormatA
CompareStringA
GetDateFormatA
SetLastError
LeaveCriticalSection
RtlUnwind
GetCurrentThread
GetSystemTimeAsFileTime
InterlockedExchange
IsValidCodePage
Sleep
VirtualUnlock
GetFileType
ReleaseSemaphore
GetSystemInfo
GetVersionExA
HeapFree

user32

SetPropA
DlgDirListComboBoxA
SendIMEMessageExA
DdeDisconnect
SystemParametersInfoA
GetComboBoxInfo
FillRect
DlgDirSelectComboBoxExA
InternalGetWindowText
MapVirtualKeyW
TranslateMessage
EnumWindowStationsW
RegisterClassW
DdeAddData

gdi32

DeleteColorSpace
CopyMetaFileW
PlgBlt
SetSystemPaletteUse
AddFontResourceW
GetEnhMetaFilePaletteEntries
PlayMetaFile
CreatePolygonRgn
GetViewportExtEx

comdlg32

ChooseFontW
GetOpenFileNameW
LoadAlterBitmap
GetOpenFileNameA
GetSaveFileNameW
GetFileTitleA
GetFileTitleW
ChooseFontA
PageSetupDlgW
PrintDlgA
PageSetupDlgA
PrintDlgW
ReplaceTextA
FindTextW
GetSaveFileNameA

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df05182545e029013a5fb5770a224d00

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 131KB - Virtual size: 131KB

.data Size: 308KB - Virtual size: 308KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 131KB - Virtual size: 131KB

.data
Size: 308KB - Virtual size: 308KB

.rsrc
Size: 6KB - Virtual size: 6KB