793b7842cb9fb11f5accdbe387fc12d0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

793b7842cb9fb11f5accdbe387fc12d0N.exe
Size

2.7MB
MD5

793b7842cb9fb11f5accdbe387fc12d0
SHA1

77bbbfadb8bcc31cda8d8bd69db8390bea6086fa
SHA256

094d326fea6e876b6f4b5c1a315e1924f898c664d2fe4eaf2bafc6ff341b2e89
SHA512

4c8ff5538a08a8257c641b95e0b1ffe12285fafc5264a7c60ee29f4796569d4e74e281b2371c9012322aabec15ab0e154ce1300bedbb776975decd998ad6257c
SSDEEP

49152:Zy1hBKKjEL0G6gchOXy+IrNUOGQnm/F3/h5n8R1KQp0J:01hBKKGhdcOXy+IrNUOGQnmJh58zKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
793b7842cb9fb11f5accdbe387fc12d0N.exe

Files

793b7842cb9fb11f5accdbe387fc12d0N.exe
.exe windows:4 windows x86 arch:x86

5c7833ffc2f4389b481b8c7cb5aa6618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetLastError
GetModuleHandleA
QueryDosDeviceA
GetDriveTypeA
FreeLibrary
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
GetCurrentProcess
SetLastError
LockResource
LoadResource
FindResourceExA
SizeofResource
FindResourceA
CloseHandle
GetCommandLineA
lstrcmpiA
GetVersionExA
GetSystemInfo
GetSystemDirectoryA
GlobalMemoryStatus
GetDiskFreeSpaceA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
TerminateProcess
HeapAlloc
HeapFree
GlobalFree
GlobalAlloc
MultiByteToWideChar
DeleteFileA
lstrcmpA
FlushFileBuffers
CreateFileA
lstrcatA
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
OutputDebugStringA
WriteFile
LocalFree
FormatMessageA
GetSystemDefaultLangID
GetUserDefaultLangID
WideCharToMultiByte
GetEnvironmentVariableA
GetShortPathNameA
GetLocaleInfoA
ResumeThread
SetThreadAffinityMask
CreateThread
GetProcessAffinityMask
MoveFileA
Sleep
CompareFileTime
GetFileTime
OpenFile
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateMutexA
OpenMutexA
LocalAlloc
InterlockedExchange
RaiseException
GlobalUnlock
GlobalLock
lstrcpyA
GlobalFindAtomA
GlobalGetAtomNameA
GetVersion
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetCurrentThread
lstrcpynA
MulDiv
DuplicateHandle
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetThreadLocale
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 356KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5c7833ffc2f4389b481b8c7cb5aa6618

Headers

File Characteristics

Imports

kernel32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 356KB - Virtual size: 352KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 48KB - Virtual size: 128KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 356KB - Virtual size: 352KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 48KB - Virtual size: 128KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB