9335bbc9a061cb5adb6dde04434694b0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9335bbc9a061cb5adb6dde04434694b0N.exe
Size

270KB
MD5

9335bbc9a061cb5adb6dde04434694b0
SHA1

8e6f3d3eff3cf29cf197f02819ab0fa74078db33
SHA256

2a195fa765f970620defc2f44a2e317c116f98f3d50e2985da3d1a4f9cb3d81c
SHA512

1543312422a6b6a4b7387e66975fcac6571936b8a057f77f31c490643082e1e7aa44fafdcdc25cdb8c77d6f7137dc47e5835ebf62d84f8d9dd9199d6b9080353
SSDEEP

6144:XvO42grNFQ8oaMriz6cCp03zen98P5B7aL2eKaWVaRY:2Cedr26co0KnqmCraWVaR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9335bbc9a061cb5adb6dde04434694b0N.exe

Files

9335bbc9a061cb5adb6dde04434694b0N.exe
.exe windows:4 windows x86 arch:x86

b90b28765b190886ab69b5501103920f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
HeapSize
GetOEMCP
DuplicateHandle
GetTimeFormatA
EnterCriticalSection
HeapAlloc
LoadLibraryA
VirtualFree
SetLastError
SetLocaleInfoA
GetConsoleScreenBufferInfo
DeleteCriticalSection
GetDateFormatA
TlsSetValue
UnhandledExceptionFilter
GetCommandLineA
GetVersionExA
HeapCreate
CompareStringA
TlsFree
GetLastError
HeapDestroy
GetLocaleInfoA
FreeResource
InterlockedIncrement
WriteFile
GetUserDefaultLCID
GetProcAddress
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapFree
VirtualLock
GetFileType
FileTimeToDosDateTime
IsDebuggerPresent
VirtualQuery
SetHandleCount
IsValidCodePage
Sleep
GetCurrentThread
IsValidLocale
WideCharToMultiByte
GetStringTypeW
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
EnumSystemLocalesA
CompareStringW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsAlloc
InitializeCriticalSection
GetEnvironmentStringsW
GetStdHandle
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentStrings
CreateMailslotA
GetTickCount
InterlockedDecrement
GetACP
GetProcessHeap
TlsGetValue
SetUnhandledExceptionFilter
RtlUnwind
GetLocaleInfoW
GetSystemTimeAsFileTime
InterlockedExchange
SetConsoleCtrlHandler
FreeLibrary
FreeEnvironmentStringsW
GetStringTypeA

shell32

ShellExecuteExA
SHGetFileInfo
SHFileOperationW

wininet

InternetWriteFileExW
FtpSetCurrentDirectoryA
GopherGetLocatorTypeW
InternetFortezzaCommand
SetUrlCacheHeaderData
FtpOpenFileA
FtpGetFileW
CreateUrlCacheEntryA
HttpSendRequestExA
InternetTimeToSystemTimeA
SetUrlCacheEntryGroup
InternetGetConnectedState
GopherOpenFileA
InternetConfirmZoneCrossingA
InternetGoOnlineW

user32

IsCharAlphaNumericA
LoadMenuIndirectA
SetWindowsHookExW
EnumPropsA
CreateDialogIndirectParamW
ShowCaret
IsRectEmpty
LoadStringA
DlgDirSelectExW
CreateDesktopW

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b90b28765b190886ab69b5501103920f

Headers

File Characteristics

Imports

kernel32

shell32

wininet

user32

Sections

.text Size: 145KB - Virtual size: 144KB

.data Size: 114KB - Virtual size: 114KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 145KB - Virtual size: 144KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 10KB - Virtual size: 9KB