80fb18844c049bf394d30014d5546640N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

80fb18844c049bf394d30014d5546640N.exe
Size

527KB
MD5

80fb18844c049bf394d30014d5546640
SHA1

4753328883f8f12d659186be8c291ee09e5a122f
SHA256

6553aae70d3e4708539a41217c9c3235b16d919781264deb7907e238c95815fe
SHA512

68c5972c295fad583f0e3bc36fd12e4c93aab122f8f4f0bfbd09b8a36185bcfddf5005b6fbc022d0871b6e3a8f2d06d15893c3799a5816c03a275288afae25e7
SSDEEP

12288:o+HMMjY382qJ50C3g/xqn/W4TQV8M1q0wA:hHWszQCQ5qn/WKQHq0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80fb18844c049bf394d30014d5546640N.exe

Files

80fb18844c049bf394d30014d5546640N.exe
.exe windows:4 windows x86 arch:x86

8639b915d1670cc71b3ce92cbcf03fa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetStartupInfoA
FlushFileBuffers
FreeEnvironmentStringsW
HeapCreate
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
GetSystemInfo
DeleteCriticalSection
GetSystemTimeAsFileTime
GetTickCount
RtlUnwind
FreeEnvironmentStringsA
SetLastError
ContinueDebugEvent
VirtualProtect
HeapReAlloc
HeapAlloc
InterlockedExchange
IsValidLocale
HeapDestroy
ReadFile
GetThreadTimes
GetTimeZoneInformation
UnhandledExceptionFilter
TlsFree
VirtualQuery
GetVersionExA
SetEnvironmentVariableA
EnterCriticalSection
GetCurrentThreadId
GetCurrentDirectoryA
MoveFileExW
GetLastError
GetStringTypeW
LeaveCriticalSection
TlsSetValue
LCMapStringW
GetCurrentProcess
GetProcessHeap
GetStringTypeA
GetTimeFormatA
SetFilePointer
GetModuleFileNameA
GetFileType
CompareStringW
OpenMutexA
WriteFile
GetEnvironmentStrings
ExitProcess
IsBadWritePtr
UnlockFileEx
GetStdHandle
InitializeCriticalSection
GetCommandLineA
LoadLibraryA
TlsGetValue
GetTempPathW
CreateMutexA
GetOEMCP
VirtualAlloc
CloseHandle
QueryPerformanceCounter
GetACP
TerminateProcess
SetStdHandle
VirtualFree
SetHandleCount
GetCPInfo
GetCurrentThread
GetCalendarInfoW
GetEnvironmentStringsW
MultiByteToWideChar
HeapFree
HeapSize
CompareStringA
GetModuleHandleA
TlsAlloc
CreateToolhelp32Snapshot
WriteConsoleOutputW
GetDateFormatA
GetLocaleInfoW
WideCharToMultiByte
GetProcAddress
GetCurrentProcessId
GetNamedPipeHandleStateA

gdi32

GetTextMetricsW

comctl32

InitCommonControlsEx

user32

RegisterClassExA
DdeConnect
GetFocus
ChangeDisplaySettingsExW
SetWindowTextA
ShowScrollBar
ScrollDC
CheckMenuRadioItem
SetRectEmpty
DdeDisconnect
RealGetWindowClass
OemToCharW
CreateWindowExA
RegisterClassA
SetDoubleClickTime
SetCaretBlinkTime
PackDDElParam

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8639b915d1670cc71b3ce92cbcf03fa8

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

user32

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 8KB - Virtual size: 12KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 8KB - Virtual size: 12KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 14KB - Virtual size: 14KB