996976f9bec0fb3c24ca0b999feba2c0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

996976f9bec0fb3c24ca0b999feba2c0N.exe
Size

1.3MB
MD5

996976f9bec0fb3c24ca0b999feba2c0
SHA1

ba78ac7f1cb2f5eaaf34be1fea76008cef9d1550
SHA256

32929076fd8b16f0dc8a301b6180804b4b8a2695a09c721bba3cf7b9751530d4
SHA512

6fbb5f636f7d99d138c1dea2c9d68fd3d32bfe90d546812ba2440fa589945a7abf7802dcbf88f01fd6008385138c0e991dd54caff8623b4ca9661e3511eab5e7
SSDEEP

24576:oUkVcTb7ZtfnDv5raAIrOaKA7Ky6vegF/8s7J3nTdyhRMuAJn:+grDRrafdKCcHF/8s7JDdyAzJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
996976f9bec0fb3c24ca0b999feba2c0N.exe

Files

996976f9bec0fb3c24ca0b999feba2c0N.exe
.exe windows:4 windows x86 arch:x86

4486ba30abd13cba79dc3b0acefca636

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetUserKey
ReportEventA
LookupPrivilegeDisplayNameA
AbortSystemShutdownA
RegEnumKeyW
InitiateSystemShutdownW
CryptReleaseContext
LogonUserW
LookupAccountSidW
RegQueryValueA
RegCreateKeyExW
RegQueryValueExW
GetUserNameA
CryptGetDefaultProviderW
RegQueryMultipleValuesW
RegCloseKey
RegOpenKeyExW
CryptVerifySignatureW
CryptDeriveKey
InitiateSystemShutdownA
AbortSystemShutdownW

comctl32

DestroyPropertySheetPage
InitCommonControlsEx
CreateStatusWindow
ImageList_Copy
ImageList_Merge
ImageList_GetDragImage
ImageList_AddMasked
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_LoadImage
ImageList_Remove
ImageList_SetFlags
CreateToolbarEx
ImageList_GetFlags
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
CreatePropertySheetPage
DrawStatusTextW
CreatePropertySheetPageW
ImageList_Replace
ImageList_Read
ImageList_Destroy

user32

RegisterClipboardFormatW
DrawCaption
SetMenu
RegisterClassExA
ShowWindow
RemovePropA
FreeDDElParam
RemoveMenu
LoadAcceleratorsW
MessageBoxW
GetTopWindow
EnumPropsA
GetClipboardOwner
SetUserObjectInformationW
SendMessageW
InflateRect
CharLowerBuffW
CreateWindowExA
RegisterClassA

comdlg32

GetFileTitleW
ChooseFontA
GetSaveFileNameA
FindTextW

kernel32

GetStringTypeW
GetACP
GetStdHandle
MultiByteToWideChar
LCMapStringA
LoadLibraryA
GetStartupInfoW
UnhandledExceptionFilter
WriteFile
EnterCriticalSection
OutputDebugStringA
HeapValidate
ExitProcess
GetOEMCP
IsBadReadPtr
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsAlloc
lstrlenA
SetStdHandle
HeapDestroy
LoadLibraryW
RaiseException
CompareStringA
TlsFree
LCMapStringW
GetFileAttributesExA
CreateFileA
SetHandleCount
HeapReAlloc
TerminateProcess
InterlockedIncrement
CompareStringW
HeapFree
GetCommandLineW
TlsSetValue
SetConsoleMode
HeapSize
ReadFile
HeapAlloc
CreateMutexA
GetModuleFileNameA
FreeLibrary
FlushFileBuffers
GetTimeZoneInformation
GetModuleHandleW
SetConsoleTitleW
SetLastError
CreateThread
DebugBreak
GetLocaleInfoW
GetCPInfo
GetCurrentThread
GetModuleFileNameW
HeapCreate
VirtualAlloc
GetStringTypeA
IsValidLocale
GetDateFormatA
WriteConsoleA
SetFilePointer
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
GetConsoleMode
GetFileType
CompareFileTime
GetConsoleCP
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetCommandLineA
GetStartupInfoA
GetCurrentProcessId
GetTimeFormatA
OutputDebugStringW
SetConsoleCtrlHandler
EnumSystemLocalesA
VirtualQuery
GetSystemTimeAsFileTime
InterlockedDecrement
GetProcAddress
InterlockedExchange
Sleep
GetLastError
WriteConsoleW
DeleteCriticalSection
SetEnvironmentVariableA
GetCurrentThreadId
GetProcessHeap
FreeEnvironmentStringsW
OpenMutexA
CloseHandle
GetLocaleInfoA
GetModuleHandleA
VirtualFree
GetCurrentProcess
IsDebuggerPresent
WideCharToMultiByte
GetEnvironmentStringsW
IsValidCodePage
GetConsoleOutputCP

Sections

.text
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 791KB - Virtual size: 789KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4486ba30abd13cba79dc3b0acefca636

Headers

File Characteristics

Imports

advapi32

comctl32

user32

comdlg32

kernel32

Sections

.text Size: 418KB - Virtual size: 417KB

.rdata Size: 104KB - Virtual size: 131KB

.data Size: 791KB - Virtual size: 789KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 418KB - Virtual size: 417KB

.rdata
Size: 104KB - Virtual size: 131KB

.data
Size: 791KB - Virtual size: 789KB

.rsrc
Size: 8KB - Virtual size: 8KB