9fc5402b08ec5acf1477d5755e39ca50N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9fc5402b08ec5acf1477d5755e39ca50N.exe
Size

542KB
MD5

9fc5402b08ec5acf1477d5755e39ca50
SHA1

bb923559d224f963ee7ac0013ceee83a750268cd
SHA256

b01ef2b31f645b5d00994774afb856ef3eb45491432a599147d439c21dd8d13e
SHA512

c675764c929ac0e5073b883230c1c2e8d76d875a5147f05b05e33692112612f8f883556fccf201ba1bc8bd9db9617313233b80cd8ea94def5bcbc4db431b0540
SSDEEP

12288:rbLG6TWUKRVFNxVQ9kMT3bqtGigVDSuhenhFoHP/:rby3Fzc9kW3bqtwV+4uhFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fc5402b08ec5acf1477d5755e39ca50N.exe

Files

9fc5402b08ec5acf1477d5755e39ca50N.exe
.exe windows:4 windows x86 arch:x86

28f803a6f4f2a86bebb1283c442acff2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW

wininet

HttpSendRequestA
InternetReadFileExA
InternetWriteFileExA
FtpFindFirstFileA

kernel32

ReadFile
LCMapStringW
HeapSize
GetCPInfo
EnumTimeFormatsW
SetEnvironmentVariableA
CreateMutexA
GetStringTypeW
LoadLibraryA
FileTimeToLocalFileTime
CreateMailslotA
VirtualQuery
IsValidLocale
SetConsoleTextAttribute
GetEnvironmentStringsW
GetProcAddress
SetStdHandle
EnumTimeFormatsA
HeapFree
GetTimeFormatA
CloseHandle
EnumSystemLocalesA
GetLastError
CompareStringA
OpenWaitableTimerA
VirtualAlloc
GetModuleFileNameA
SetThreadIdealProcessor
GetSystemDefaultLangID
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
FreeEnvironmentStringsA
VirtualFree
GetStdHandle
GetOEMCP
GetCurrentProcess
InitializeCriticalSection
GetCurrentThread
GetModuleHandleA
ExitProcess
TlsFree
GetDriveTypeA
IsBadWritePtr
TlsGetValue
GetSystemInfo
GetStartupInfoA
SetLastError
EnumResourceNamesW
FindNextFileA
GetEnvironmentStrings
SetHandleCount
VirtualProtect
GetFileType
GetTimeZoneInformation
GetFileAttributesA
GetThreadLocale
GetCommandLineW
RtlUnwind
FlushFileBuffers
RaiseException
GetDateFormatA
EnterCriticalSection
InterlockedExchange
EnumDateFormatsExA
SetFilePointer
WriteFile
TlsSetValue
GetFullPathNameW
UnhandledExceptionFilter
OpenProcess
MultiByteToWideChar
CompareStringW
GetModuleFileNameW
DeleteCriticalSection
OpenMutexA
TlsAlloc
TerminateProcess
QueryPerformanceCounter
GetProfileStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetCommandLineA
IsValidCodePage
GetPrivateProfileSectionNamesW
HeapDestroy
GetTickCount
WideCharToMultiByte
GetVersionExA
GetStartupInfoW
HeapReAlloc
HeapLock
GetStringTypeA
HeapAlloc
GetLocaleInfoA
SetConsoleTitleW
CreateDirectoryExA
LocalShrink
GetACP
GetUserDefaultLCID
WritePrivateProfileStringW
lstrlenW
HeapCreate
LeaveCriticalSection
GetLocaleInfoW

comctl32

InitCommonControlsEx

user32

IsCharUpperW
IsZoomed
CreateWindowExW
RegisterClassA
MessageBoxW
CountClipboardFormats
GetProcessDefaultLayout
RegisterClassExA
ShowWindow
DlgDirSelectComboBoxExA

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28f803a6f4f2a86bebb1283c442acff2

Headers

File Characteristics

Imports

comdlg32

wininet

kernel32

comctl32

user32

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 76KB - Virtual size: 98KB

.data Size: 115KB - Virtual size: 115KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 76KB - Virtual size: 98KB

.data
Size: 115KB - Virtual size: 115KB

.rsrc
Size: 20KB - Virtual size: 20KB