9108ce10896672c1aaf2c2f64c405bb0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9108ce10896672c1aaf2c2f64c405bb0N.exe
Size

457KB
MD5

9108ce10896672c1aaf2c2f64c405bb0
SHA1

3e1acab948b2f05a6e77216fb2962a52b45c5f38
SHA256

33dc99550d8a720bc984a9f5bdc69f4dbd3b0d36d92a3e7e57eaaef9076fc1c7
SHA512

8a8c5a9923d0dbc3a890ff228e649187867241875882b8d067fee102d53bfacfceeb6a6b899b45fa8eb9588f460058dec2297638ee53feef3c991cc6bbbc3762
SSDEEP

12288:srYLW4Dx217j1MErYWbSkL3/6OQjmGbSyCjar7VN7bu7mpT:OAW4ACkEmG2PaNNHu7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9108ce10896672c1aaf2c2f64c405bb0N.exe

Files

9108ce10896672c1aaf2c2f64c405bb0N.exe
.exe windows:4 windows x86 arch:x86

7cf4ad2f9c1c6fbe1c1ef45c8e5e9777

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetViewportExtEx
SetDIBColorTable
SetRectRgn
StretchDIBits
ColorCorrectPalette
CreateICA
CopyEnhMetaFileA
PlayEnhMetaFileRecord
CreateBrushIndirect
Rectangle
CreateEllipticRgnIndirect
GetTextCharacterExtra

wininet

GopherOpenFileW
DeleteUrlCacheEntryA
InternetGetConnectedStateExA
ShowCertificate
ReadUrlCacheEntryStream
UnlockUrlCacheEntryStream
GopherFindFirstFileA
HttpOpenRequestA
SetUrlCacheEntryGroupA
FindNextUrlCacheEntryA
FindNextUrlCacheContainerA
HttpQueryInfoA
FtpSetCurrentDirectoryW
InternetSecurityProtocolToStringA
InternetTimeToSystemTimeW
CreateUrlCacheEntryA
InternetTimeFromSystemTimeA
GopherOpenFileA
LoadUrlCacheContent
InternetSetCookieW
SetUrlCacheGroupAttributeW
InternetWriteFileExA

shell32

DoEnvironmentSubstA
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHFileOperation

advapi32

CryptEnumProvidersW
RegConnectRegistryW
RegLoadKeyW
RegReplaceKeyA
RegQueryInfoKeyW
RegCloseKey
RegSaveKeyW

kernel32

VirtualQuery
ExitProcess
GetFileType
InterlockedExchange
GetCurrentThread
WaitForMultipleObjects
GetEnvironmentStringsW
GetStartupInfoA
GetCPInfo
TlsSetValue
QueryPerformanceCounter
HeapCreate
GetTimeFormatA
LocalCompact
GetLastError
EnterCriticalSection
CompareStringA
FreeEnvironmentStringsA
GetStdHandle
CreateNamedPipeA
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
GetModuleFileNameW
TlsAlloc
HeapFree
LCMapStringW
GetACP
GetSystemInfo
GetLocaleInfoW
HeapDestroy
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCommandLineW
LoadLibraryA
GetUserDefaultLCID
GetStringTypeA
WideCharToMultiByte
UnhandledExceptionFilter
HeapSize
GetDateFormatA
GetEnvironmentStrings
EnumSystemLocalesA
GetTimeZoneInformation
GetLocaleInfoA
GetCommandLineA
WriteFile
GetVersionExA
GetModuleFileNameA
GetOEMCP
GetCurrentThreadId
VirtualFree
GetStartupInfoW
SetHandleCount
GetProcAddress
InitializeCriticalSection
TlsFree
MultiByteToWideChar
HeapReAlloc
SetLastError
VirtualProtect
IsBadWritePtr
GetTickCount
GetStringTypeW
LeaveCriticalSection
VirtualAlloc
TerminateProcess
FreeEnvironmentStringsW
TlsGetValue
GetModuleHandleA
LCMapStringA
CompareStringW
GetCurrentProcess

user32

DefFrameProcA
CreateIconIndirect
SetParent
DdeQueryNextServer
DlgDirListComboBoxA
GetMonitorInfoW
InvalidateRgn
MapWindowPoints
EmptyClipboard
EnumWindows
GetWindowLongW
DdeUnaccessData
GetProcessDefaultLayout
DdeImpersonateClient
EnableWindow
MessageBoxW
GetWindowTextW
DrawStateW
GetMonitorInfoA

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cf4ad2f9c1c6fbe1c1ef45c8e5e9777

Headers

File Characteristics

Imports

gdi32

wininet

shell32

advapi32

kernel32

user32

Sections

.text Size: 133KB - Virtual size: 132KB

.data Size: 308KB - Virtual size: 307KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 133KB - Virtual size: 132KB

.data
Size: 308KB - Virtual size: 307KB

.rsrc
Size: 15KB - Virtual size: 15KB