78e860e642e9ab5b145ab349f0cb4760N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

78e860e642e9ab5b145ab349f0cb4760N.exe
Size

424KB
MD5

78e860e642e9ab5b145ab349f0cb4760
SHA1

77dbe2f752e1729c341953060ae18b53882bf76c
SHA256

5390c859ef0e5732ccad63792c1ebf000211827e3e4fb2c5b71502ac593cfab2
SHA512

e2b80743458611cb2e898643dba03303e095e6af43f4589305bfad5590a610b46de220e5c1cadb166bbea19ae25702b1bff8e7ef28eb26fd306c4c013c40063c
SSDEEP

6144:u6GqabBgiMUX5aPk+ODj1cwvh62Z03W8U7NxAZ1n7:BSVgiMUJawvw2IWvp61n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e860e642e9ab5b145ab349f0cb4760N.exe

Files

78e860e642e9ab5b145ab349f0cb4760N.exe
.exe windows:4 windows x86 arch:x86

bdbf824c50e553ffa464fbf1f8354d03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\zooe

Imports

comctl32

MakeDragList
CreateStatusWindowW
ImageList_SetBkColor
ImageList_Remove
ImageList_GetFlags
GetEffectiveClientRect
InitCommonControlsEx

gdi32

CreateICA
GetColorAdjustment
CreateEnhMetaFileA
GetICMProfileA
CreateDCA
SelectClipRgn
DrawEscape
SetViewportExtEx
PolylineTo
DeleteColorSpace
GetWorldTransform
GetObjectW
GetLogColorSpaceW
GetDeviceCaps
ChoosePixelFormat
CreateMetaFileW
CopyMetaFileA
DeleteDC

advapi32

CryptDuplicateHash
RegReplaceKeyA
RegLoadKeyA
LookupAccountSidW
RegReplaceKeyW
CryptEnumProviderTypesW
RegCreateKeyW
CryptSignHashW
CryptContextAddRef
CryptGenRandom
AbortSystemShutdownW
RegQueryMultipleValuesW
CryptEncrypt
LogonUserW
RegOpenKeyExW

user32

CopyAcceleratorTableW
SetCursorPos
DestroyWindow
CloseClipboard
WinHelpA
GetGuiResources
SetClassLongA
SetMessageExtraInfo
DefDlgProcA
GetNextDlgGroupItem
WindowFromDC
DdeCreateStringHandleW
ChangeDisplaySettingsExW
DragDetect
LoadImageW
LoadCursorFromFileA
SetThreadDesktop
MessageBoxIndirectA
SetMenuInfo
GetListBoxInfo
ClipCursor
MapWindowPoints
DrawFrame
IsWindowEnabled
InternalGetWindowText
DlgDirSelectExW
DdeInitializeA
PtInRect
CascadeWindows
MonitorFromRect
OemToCharW
EnumDisplaySettingsExW
RegisterClassExA
IsCharUpperW
DefWindowProcA
GetThreadDesktop
IsIconic
DdeAccessData
CharUpperW
GetLastActivePopup
GetPropW
DefWindowProcW
CreateMDIWindowA
EnumClipboardFormats
MessageBoxA
GetPropA
CharToOemBuffA
GetCapture
CharLowerW
RegisterClassA
CreateWindowExA
SetClassWord
ShowWindow
MapVirtualKeyA
CharNextW
RemoveMenu
CascadeChildWindows
UnhookWindowsHook
CopyAcceleratorTableA
GetScrollBarInfo
GetDlgItemTextW
ReuseDDElParam
AppendMenuW
DdeSetUserHandle
CheckDlgButton
GetClassNameW
CharLowerA
OpenWindowStationA
GetWindowThreadProcessId
BroadcastSystemMessageA
FlashWindow
DrawIcon
PostMessageW

wininet

GetUrlCacheEntryInfoW
HttpCheckDavCompliance
InternetCrackUrlW
DeleteUrlCacheEntry
FtpOpenFileA
DeleteUrlCacheGroup
InternetSecurityProtocolToStringA
InternetOpenUrlA

kernel32

GetEnvironmentStrings
GetACP
LeaveCriticalSection
GetModuleHandleA
LocalSize
VirtualFree
GetSystemTimeAsFileTime
CompareStringA
GetStringTypeW
OpenMutexA
IsValidLocale
GetDateFormatA
VirtualQuery
ReadFile
CreateDirectoryExW
VirtualAlloc
GetLocaleInfoA
GetModuleFileNameA
LCMapStringA
EnterCriticalSection
GetProcessHeap
GlobalGetAtomNameW
GetCommandLineA
WriteConsoleA
EnumSystemLocalesA
GetUserDefaultLCID
InterlockedDecrement
Sleep
GetEnvironmentStringsW
LoadLibraryA
InterlockedIncrement
GetCurrentThreadId
LCMapStringW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTimeZoneInformation
TlsFree
FreeLibrary
SetHandleCount
SetStdHandle
GetCurrentProcessId
InterlockedExchange
IsDebuggerPresent
WriteFile
UnhandledExceptionFilter
GetStdHandle
SetEnvironmentVariableA
TerminateProcess
GetCurrentThread
WriteConsoleW
GetTickCount
ReadFileEx
InterlockedExchangeAdd
GetPrivateProfileIntW
GetStringTypeA
TlsSetValue
GetCurrentProcess
FileTimeToDosDateTime
HeapSize
CloseHandle
QueryPerformanceCounter
FreeEnvironmentStringsA
GetFileType
HeapReAlloc
SetConsoleCtrlHandler
SetFilePointer
HeapCreate
HeapFree
EnumResourceNamesA
GetConsoleMode
GetOEMCP
CreateMutexA
IsValidCodePage
RtlUnwind
GetModuleFileNameW
GetStartupInfoW
GetVersionExA
GetCPInfo
GetProcAddress
SetUnhandledExceptionFilter
SetLastError
ConvertDefaultLocale
VirtualQueryEx
GetConsoleCP
GetLocaleInfoW
FindResourceExA
GetCommandLineW
DosDateTimeToFileTime
ExitProcess
CreateFileA
GetLastError
GetStartupInfoA
FlushFileBuffers
GetTempPathW
InitializeCriticalSection
HeapAlloc
TlsGetValue
GetModuleHandleW
GetConsoleOutputCP
GetProcessAffinityMask
WideCharToMultiByte
TlsAlloc
MultiByteToWideChar
GetTimeFormatA
CompareStringW
HeapDestroy
DeleteCriticalSection

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdbf824c50e553ffa464fbf1f8354d03

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

advapi32

user32

wininet

kernel32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 100KB - Virtual size: 110KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 100KB - Virtual size: 110KB

.rsrc
Size: 64KB - Virtual size: 60KB