a34b087b1bbdea8352315b845b451d20N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a34b087b1bbdea8352315b845b451d20N.exe
Size

360KB
MD5

a34b087b1bbdea8352315b845b451d20
SHA1

2f1c4031a93398fbaab759fa2f384f093d6cd75a
SHA256

139f357a2d054108b06113b102079de7969f5812f4e926ba227e88d4921359f5
SHA512

cf9bd205f824f7c44a39032090e84b87b42d11b443f879a24b17b2beff47b961c73f3bf0c2b96e668080619cb284ee6cf7bcc90c3810b2ef305894291f5a4f75
SSDEEP

6144:Vqs+3cTZat9eSrDZRYblFK9DZZFtKBRQYT4KMlu+xx0RXAp29y7zCVUPB:4OTS97HZue9D70RQYT/qxx0RXc29EyO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a34b087b1bbdea8352315b845b451d20N.exe

Files

a34b087b1bbdea8352315b845b451d20N.exe
.exe windows:4 windows x86 arch:x86

6e0926897a4e93a7e29db7fa322ab628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dtuysojxv.pdb

Imports

wininet

RunOnceUrlCache
FtpCommandW
InternetSetDialStateW
InternetOpenA
FindNextUrlCacheEntryW
FindFirstUrlCacheGroup

comctl32

InitCommonControlsEx

kernel32

GetProcAddress
SetThreadIdealProcessor
IsValidCodePage
InterlockedExchange
GetConsoleCP
WriteConsoleW
VirtualFree
CreateMutexA
InterlockedDecrement
EnumDateFormatsA
GetCurrentThread
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
TlsFree
TlsGetValue
SetFilePointer
DeleteCriticalSection
VirtualQuery
CompareStringW
SetConsoleCtrlHandler
GetLastError
lstrlenW
InterlockedIncrement
FreeEnvironmentStringsA
GetModuleHandleA
LoadLibraryA
HeapSize
GetCurrentThreadId
HeapCreate
GetTimeFormatA
LCMapStringW
RtlUnwind
ExitProcess
LCMapStringA
GetStringTypeW
TlsSetValue
LeaveCriticalSection
VirtualAlloc
GetDateFormatA
FreeLibrary
GetCommandLineW
TlsAlloc
FlushFileBuffers
HeapAlloc
GetCPInfo
GetLocaleInfoW
SetStdHandle
CompareStringA
WriteConsoleA
TerminateProcess
UnhandledExceptionFilter
GetConsoleMode
InitializeCriticalSection
WriteFile
GetModuleFileNameW
SetEnvironmentVariableA
CreateFileA
GetProcessHeap
QueryPerformanceCounter
OpenSemaphoreA
SetLastError
GetThreadPriority
GetUserDefaultLCID
WideCharToMultiByte
CloseHandle
FoldStringW
GetModuleFileNameA
IsBadWritePtr
GetOEMCP
GetCommandLineA
GetSystemTimeAsFileTime
GetStdHandle
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
HeapDestroy
HeapReAlloc
GetVersionExA
GetFileType
IsValidLocale
GetCurrentProcessId
GetCompressedFileSizeW
SetHandleCount
GetTimeZoneInformation
ReadFile
OpenMutexA
MapViewOfFileEx
GetTickCount
GetStartupInfoA
GetConsoleOutputCP
GetLocaleInfoA
Sleep
EnumSystemLocalesA
GetACP
HeapFree
GetEnvironmentStrings
SetComputerNameW
GetCurrentProcess
MultiByteToWideChar

shell32

SHFreeNameMappings

comdlg32

PrintDlgW

user32

FindWindowA
ChildWindowFromPointEx
CheckMenuItem
SetSysColors
SetDebugErrorLevel
EnableWindow
GetSubMenu
CharPrevW
RegisterClassExA
ReuseDDElParam
GetMenuItemRect
PostQuitMessage
DdeImpersonateClient
DdeDisconnectList
GetClassInfoExA
GetClassLongA
GetForegroundWindow
GetAltTabInfo
ToUnicode
CharUpperA
RegisterClassA
GetWindowLongA
IsDlgButtonChecked
CreateIconFromResource
SetTimer
DrawMenuBar
GetDlgCtrlID

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e0926897a4e93a7e29db7fa322ab628

Headers

File Characteristics

PDB Paths

Imports

wininet

comctl32

kernel32

shell32

comdlg32

user32

Sections

.text Size: 225KB - Virtual size: 224KB

.rdata Size: 30KB - Virtual size: 44KB

.data Size: 93KB - Virtual size: 93KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 225KB - Virtual size: 224KB

.rdata
Size: 30KB - Virtual size: 44KB

.data
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 10KB - Virtual size: 10KB