9efe751967cb73b829f1d84fd8522820N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9efe751967cb73b829f1d84fd8522820N.exe
Size

428KB
MD5

9efe751967cb73b829f1d84fd8522820
SHA1

042615daa70662021c9d0a9bd61e7d42302c774a
SHA256

6b638c52f09092fa3bf4b2bbab8d76ed5ad0b2ea0cc568c198e8601173e14575
SHA512

5e2993bb84032963754032237e43fa15d58fc8b853a737bd302fe2d571b5b15d917e9794bd063ecd6e7c85ecbbb22d93e4f1a658dc0e785fcfda4dbd1147aade
SSDEEP

12288:pf7jyaMJxb7gEGhnk11zqmImRKVDErVSuws2ORW9sY:pzGaIg2113IaKVwwuV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9efe751967cb73b829f1d84fd8522820N.exe

Files

9efe751967cb73b829f1d84fd8522820N.exe
.exe windows:4 windows x86 arch:x86

38c41c7ac6484d27e218ac70da48ecb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeQueryStringA
WINNLSGetEnableStatus
DdeInitializeA
GetCaretBlinkTime
ShowCursor

advapi32

RegLoadKeyA
CryptDuplicateKey
CreateServiceW

shell32

SHBrowseForFolderW
RealShellExecuteA
SHAddToRecentDocs
SHGetDiskFreeSpaceA
DragQueryPoint
DragFinish
SHGetDataFromIDListW
SHGetSettings
SHGetMalloc
DoEnvironmentSubstW
SheGetDirA
SHFileOperation
SHGetDesktopFolder
DragQueryFileA
CheckEscapesW
SheChangeDirA

wininet

FindFirstUrlCacheContainerW
GetUrlCacheConfigInfoA
ShowClientAuthCerts
InternetGetConnectedStateEx
HttpSendRequestA
GopherCreateLocatorA
InternetGetConnectedStateExW
FtpCreateDirectoryA
HttpQueryInfoW
FtpOpenFileW
InternetConnectW
UnlockUrlCacheEntryFileA
SetUrlCacheEntryGroup
ResumeSuspendedDownload
InternetWriteFile
DeleteIE3Cache
SetUrlCacheEntryInfoW
FtpSetCurrentDirectoryA
DeleteUrlCacheGroup
SetUrlCacheGroupAttributeA
InternetSetOptionW
InternetTimeFromSystemTimeA
InternetCombineUrlA
FindNextUrlCacheEntryExW

kernel32

TerminateProcess
VirtualFree
GetConsoleOutputCP
GetTickCount
ExitProcess
VirtualAlloc
GetStringTypeA
ResetEvent
MoveFileA
SetEnvironmentVariableA
GetTimeFormatA
SetHandleCount
CreateEventW
InterlockedExchange
FlushInstructionCache
SetThreadPriority
LeaveCriticalSection
GetLocaleInfoW
GetCurrentProcess
FreeLibrary
GetEnvironmentStringsW
CreateFileA
HeapLock
TlsGetValue
HeapReAlloc
SetThreadLocale
GetConsoleMode
FlushFileBuffers
WideCharToMultiByte
OutputDebugStringA
GetProcessShutdownParameters
GetModuleFileNameA
CloseHandle
HeapValidate
lstrlenA
WriteConsoleA
HeapDestroy
TlsSetValue
RaiseException
SetConsoleCtrlHandler
FreeResource
GetStdHandle
GetACP
CreateProcessA
LCMapStringW
GetSystemTimeAsFileTime
LoadLibraryA
WritePrivateProfileStringW
EnumSystemLocalesA
GetEnvironmentStringsA
CreateNamedPipeW
GetCPInfo
InterlockedDecrement
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetConsoleCP
CompareStringA
GetModuleHandleA
SetStdHandle
GetProcessHeap
GetUserDefaultLCID
IsDebuggerPresent
GetLastError
IsValidCodePage
CompareStringW
GetProcAddress
GetModuleFileNameW
FreeEnvironmentStringsA
SetFilePointer
GetModuleHandleW
GetCurrentProcessId
HeapAlloc
MultiByteToWideChar
TlsFree
LCMapStringA
DebugBreak
GlobalHandle
InterlockedIncrement
RtlUnwind
LoadLibraryW
EnterCriticalSection
TlsAlloc
Sleep
SetLastError
IsBadReadPtr
GetStringTypeW
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
WriteFile
UnhandledExceptionFilter
GetOEMCP
CreateSemaphoreA
GetLocaleInfoA
HeapSize
lstrcmpiA
VirtualQuery
GetCommandLineA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetFileTime
IsValidLocale
GetDateFormatA
GetTimeZoneInformation
GetThreadTimes
GetEnvironmentVariableW
WriteConsoleW
GetCurrentThreadId
HeapFree
LocalFileTimeToFileTime
FreeEnvironmentStringsW
HeapCreate
GetCurrentThread
GetEnvironmentStrings

comdlg32

ReplaceTextA
ReplaceTextW
GetFileTitleA
PageSetupDlgA
ChooseFontW
GetFileTitleW
GetSaveFileNameA
FindTextA
GetSaveFileNameW
PrintDlgA
GetOpenFileNameA
GetOpenFileNameW
FindTextW
LoadAlterBitmap
PageSetupDlgW
ChooseColorA
ChooseFontA

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38c41c7ac6484d27e218ac70da48ecb1

Headers

File Characteristics

Imports

user32

advapi32

shell32

wininet

kernel32

comdlg32

Sections

.text Size: 243KB - Virtual size: 242KB

.data Size: 177KB - Virtual size: 176KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 243KB - Virtual size: 242KB

.data
Size: 177KB - Virtual size: 176KB

.rsrc
Size: 7KB - Virtual size: 7KB