98f5ff17c1bec50ef57a0e7670a35630N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

98f5ff17c1bec50ef57a0e7670a35630N.exe
Size

433KB
MD5

98f5ff17c1bec50ef57a0e7670a35630
SHA1

ef2c27f365f17b4db261b914dc9b337dcee8decd
SHA256

a2081e8d528292ba68754cb4b5f2e5683e89f7be366278cb990e197f085005b2
SHA512

5196e3941bded8071d516f1b7ef1f3cad754b653675126f6f60533ef871056825baa1d2b418be3e5fd79b2649ffa45ad5a1ef94a715ff8a5ed3cf2edb9b3e21a
SSDEEP

6144:8TCPtOyl4Ja1uDBXHItglODeH7/guJyKS83IhgJ7ZvOLfswHNJ1+SrZ:SCP0JyGBXHItgqU7/8KS4/J9vOxHNpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98f5ff17c1bec50ef57a0e7670a35630N.exe

Files

98f5ff17c1bec50ef57a0e7670a35630N.exe
.exe windows:4 windows x86 arch:x86

dc67dbf051c4fac3fe2b17825308dcfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetCurrentProcess
CreateMutexA
VirtualProtect
OpenMutexA
GetStartupInfoA
HeapAlloc
GetCurrentThread
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsW
CompareStringW
GetModuleFileNameA
OpenFile
GetCPInfo
HeapCreate
WideCharToMultiByte
EnumSystemLocalesA
GetCommandLineA
CloseHandle
HeapFree
GetVersionExA
GetTimeZoneInformation
TlsAlloc
FlushFileBuffers
GetFileType
GetStringTypeW
IsValidLocale
GetEnvironmentStrings
IsValidCodePage
GetStringTypeA
FreeEnvironmentStringsA
HeapReAlloc
SetHandleCount
LockFileEx
SetFilePointer
IsBadWritePtr
LeaveCriticalSection
GetStartupInfoW
TlsFree
SetEnvironmentVariableA
GetSystemTimeAsFileTime
ExitProcess
GetSystemInfo
GetLocaleInfoA
GetCurrentProcessId
WriteFile
GetEnvironmentStringsW
GetDateFormatA
LoadLibraryA
GetTimeFormatA
GetModuleFileNameW
HeapDestroy
RtlUnwind
TerminateProcess
CompareStringA
VirtualQuery
LCMapStringW
InterlockedExchange
GetStdHandle
GetUserDefaultLCID
EnumCalendarInfoA
VirtualFree
TlsGetValue
TlsSetValue
GetLastError
LCMapStringA
GetACP
QueryPerformanceCounter
SetStdHandle
EnterCriticalSection
GetCommandLineW
SetLastError
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
UnhandledExceptionFilter
ReadFile
MultiByteToWideChar
GetProcAddress
VirtualAlloc
GetTickCount
lstrcat
GetModuleHandleA
SetLocaleInfoA

comctl32

InitCommonControlsEx

user32

DlgDirListW
LoadBitmapA
GetListBoxInfo
GetDialogBaseUnits
SetCaretBlinkTime
DdeAccessData
MessageBoxA
GetMessagePos
DefFrameProcW
RegisterWindowMessageA
SendIMEMessageExW
CopyAcceleratorTableW
WaitForInputIdle
DrawTextA
CreateCursor
GrayStringW
CharLowerBuffA
DdePostAdvise
RegisterClassA
CreatePopupMenu
InsertMenuW
DispatchMessageA
RegisterClassExA
TileWindows
SetSysColors
MapWindowPoints

shell32

SHBrowseForFolderW
SHFormatDrive
SHGetInstanceExplorer
ExtractIconEx
SHGetSpecialFolderLocation

gdi32

CreateMetaFileA
GetMetaRgn
GetTextExtentPointA
ResizePalette

wininet

InternetOpenUrlA
UpdateUrlCacheContentPath
SetUrlCacheEntryGroupW
InternetTimeToSystemTimeA
InternetSetOptionW
FtpRemoveDirectoryA
InternetInitializeAutoProxyDll
InternetOpenW

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc67dbf051c4fac3fe2b17825308dcfc

Headers

File Characteristics

Imports

kernel32

comctl32

user32

shell32

gdi32

wininet

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 8KB - Virtual size: 35KB

.data Size: 212KB - Virtual size: 211KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 8KB - Virtual size: 35KB

.data
Size: 212KB - Virtual size: 211KB

.rsrc
Size: 10KB - Virtual size: 9KB