91df11efa76d6438eeaf6dcc0094b280N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

91df11efa76d6438eeaf6dcc0094b280N.exe
Size

539KB
MD5

91df11efa76d6438eeaf6dcc0094b280
SHA1

8300273ba7eb0e044efa5c4d34fe4ab0211ce590
SHA256

9401f5500b56254b0e7e30455fd929b77b7fb986fd85e46a47b77a044934a983
SHA512

da1b5597ef03556853687785218abdee7bd2a209f75fadc015b7416052241404cb0eee144a6b8f7d2c578754add1b6d8503442c89ac43bc8b693e72e51d383c6
SSDEEP

12288:25mKiAwt100n4s8OjNlLHAxdziozQVcUs9Di0IU:bKaf0clzjAxdW9cUsCU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91df11efa76d6438eeaf6dcc0094b280N.exe

Files

91df11efa76d6438eeaf6dcc0094b280N.exe
.exe windows:4 windows x86 arch:x86

322b82be2b093e318275bec6a5f83757

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetICMMode
CreatePatternBrush
Polygon
SetMetaRgn
PtInRegion
GetFontLanguageInfo
PatBlt
GetCharABCWidthsA
Chord

user32

SetWindowLongW
SetMenuItemInfoA
GetTopWindow
EnumChildWindows
LoadCursorFromFileA
RegisterClassA
BroadcastSystemMessageW
RegisterClassExA
GetCapture
CreateIconFromResourceEx
GetDlgItemInt
SystemParametersInfoA
PaintDesktop
GetTabbedTextExtentA
CreateAcceleratorTableW

kernel32

FreeEnvironmentStringsW
LeaveCriticalSection
GetStartupInfoW
GetEnvironmentStringsW
GlobalFindAtomA
CreateMutexA
VirtualProtectEx
TlsFree
InterlockedIncrement
GetModuleHandleA
GetLocalTime
LCMapStringW
GetSystemTime
IsBadWritePtr
QueryPerformanceCounter
SetCurrentDirectoryW
HeapAlloc
GetProfileSectionA
VirtualAlloc
CompareStringW
OpenMutexA
HeapDestroy
GetStartupInfoA
InitializeCriticalSection
GetVersionExA
GetStdHandle
WaitForSingleObject
GetVersion
SetCurrentDirectoryA
OutputDebugStringA
InterlockedExchange
UnmapViewOfFile
GetCurrentThread
FindResourceW
TlsAlloc
HeapCreate
SetLastError
GetModuleFileNameW
HeapFree
DeleteCriticalSection
ExitProcess
CloseHandle
SleepEx
GetSystemTimeAsFileTime
SetFilePointer
RtlUnwind
TlsSetValue
GetCommandLineW
ReadFile
LCMapStringA
Sleep
GetModuleFileNameA
GetProcAddress
UnhandledExceptionFilter
SetEnvironmentVariableA
FlushFileBuffers
HeapReAlloc
GetTimeZoneInformation
GetCurrentThreadId
SetHandleCount
TerminateProcess
MultiByteToWideChar
GetCommandLineA
InterlockedDecrement
LoadLibraryA
GetCurrentProcess
GetLastError
GetStringTypeA
FlushViewOfFile
TlsGetValue
LocalShrink
WriteFile
FreeEnvironmentStringsA
GetStringTypeW
VirtualQueryEx
VirtualQuery
EnumResourceLanguagesW
CompareStringA
GetCurrentProcessId
EnterCriticalSection
LockFile
GetEnvironmentStrings
GetFileType
GetCPInfo
WideCharToMultiByte
GetTickCount
SetStdHandle
VirtualFree

comctl32

InitCommonControlsEx

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

322b82be2b093e318275bec6a5f83757

Headers

File Characteristics

Imports

gdi32

user32

kernel32

comctl32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 4KB - Virtual size: 32KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 4KB - Virtual size: 32KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 8KB - Virtual size: 8KB