8b78c375d91108625cea03beaf572270N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8b78c375d91108625cea03beaf572270N.exe
Size

511KB
MD5

8b78c375d91108625cea03beaf572270
SHA1

2101ce60a7a5e12cd36428bec8abd9922f367a8c
SHA256

3559e85a26f1ead58383b24c4a28d5fb9dbda25dd23f6f85f87a346782196fbe
SHA512

4701d432e6553eba2ce81433f07daa177b1bbdbfc816f75cef3e4f75705b21182617509dcd2c0c71e9d510ac1a010ae4e118a5d3f43676ecde36d9206db8bdb3
SSDEEP

6144:CsagpPs/9u4myCKdHT6xCLyUt2hQPwc9dTN699tyTAEyYxuEHKI33U5HifvM/OI7:/aCd475YFUhwc9N4LNYgI9eHqvE7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b78c375d91108625cea03beaf572270N.exe

Files

8b78c375d91108625cea03beaf572270N.exe
.exe windows:4 windows x86 arch:x86

c6e2d38aca769bc687e0af2b73a8ef41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

FindResourceW
GetEnvironmentStringsW
GetConsoleScreenBufferInfo
VirtualFree
TerminateProcess
SetStdHandle
RemoveDirectoryW
GetTickCount
GetCurrentProcessId
VirtualAlloc
CreateMutexA
SetEnvironmentVariableA
GetModuleFileNameA
RtlFillMemory
CompareStringW
GetCPInfo
HeapDestroy
UnhandledExceptionFilter
SetFilePointer
CloseHandle
GetProcAddress
FreeEnvironmentStringsW
FreeLibrary
GetSystemInfo
CreateFileA
FormatMessageW
GetStringTypeW
GetVersionExW
WriteConsoleW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
SetHandleCount
GetCurrentProcess
InitializeCriticalSection
FreeEnvironmentStringsA
InterlockedExchange
CompareStringA
GetLastError
GetFileType
GlobalFlags
GetVersionExA
LCMapStringA
GetTimeFormatA
LCMapStringW
GetCurrentThread
IsValidLocale
GetSystemTimeAsFileTime
GetConsoleMode
HeapFree
TransmitCommChar
WideCharToMultiByte
SetLastError
IsValidCodePage
HeapReAlloc
GetStartupInfoA
TlsSetValue
GetConsoleOutputCP
TlsFree
WriteConsoleA
GetCurrentThreadId
DeleteCriticalSection
HeapCreate
MultiByteToWideChar
Sleep
InterlockedDecrement
GetDateFormatA
ExitProcess
EnumSystemLocalesA
GetEnvironmentStrings
OpenMutexA
GetConsoleCP
InterlockedIncrement
LoadLibraryA
ReadFile
WriteFile
GetLocaleInfoA
EnterCriticalSection
GetModuleHandleA
UnmapViewOfFile
GetTimeZoneInformation
HeapSize
TlsAlloc
TlsGetValue
GetLocaleInfoW
OpenFile
GetOEMCP
GetStringTypeA
SetConsoleCtrlHandler
RtlUnwind
GetACP
GetProcessHeap
VirtualQuery
FlushFileBuffers
RemoveDirectoryA
QueryPerformanceCounter
GetStdHandle
HeapAlloc
GetUserDefaultLCID
CreateSemaphoreW
LeaveCriticalSection
LocalAlloc

advapi32

CreateServiceA
LookupAccountSidA
LookupPrivilegeDisplayNameA
RegEnumValueA
CryptSetProvParam
CryptAcquireContextA
RegOpenKeyExA
RegEnumKeyExW
CryptVerifySignatureA
LookupAccountSidW
RegLoadKeyA

user32

RegisterClassA
MonitorFromRect
AnyPopup
ToAscii
SystemParametersInfoW
EmptyClipboard
RegisterClassExA
SetWindowsHookW
CreateMDIWindowA

comdlg32

FindTextA
ChooseFontW

wininet

InternetSetOptionExA
InternetCheckConnectionA

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6e2d38aca769bc687e0af2b73a8ef41

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

comdlg32

wininet

Sections

.text Size: 178KB - Virtual size: 178KB

.rdata Size: 10KB - Virtual size: 41KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 178KB - Virtual size: 178KB

.rdata
Size: 10KB - Virtual size: 41KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 8KB - Virtual size: 8KB