ac5de43dcc05651cf2084dece8914340N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ac5de43dcc05651cf2084dece8914340N.exe
Size

215KB
MD5

ac5de43dcc05651cf2084dece8914340
SHA1

9e1a6b66cc81b9d2d9ca1cf7bf9ba6338dcbb3d4
SHA256

fe2e0406f92427b911934310519051e9425881a55eb243752ea7ee81ba1af7ef
SHA512

00cf08ddc7fe0b1aa024ebf9029ce51115c8fe49977d6cf6084729dd37ff06e9a5457292c8748025904cb6599040628284f726dc2c6a52a881b294858e1537fc
SSDEEP

6144:4dk53mJgf/Bkn4uuFHCYokHCNnJ/F2Krfp589XgPSELrNlIJ:4dIoEBK4uuFHCXJZpYXgRIJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac5de43dcc05651cf2084dece8914340N.exe

Files

ac5de43dcc05651cf2084dece8914340N.exe
.exe windows:4 windows x86 arch:x86

43576807f861c988d2430b2adc80412f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetMenuItemInfoW
TrackPopupMenuEx
PeekMessageA
GetOpenClipboardWindow
CharNextA
SetRectEmpty
TabbedTextOutA
GetQueueStatus
SetWinEventHook
GetWindowInfo
EnumChildWindows
LoadStringW
GetKBCodePage
WindowFromDC
VkKeyScanW
DefDlgProcA

wininet

InternetGetCertByURLA

comdlg32

GetFileTitleA
PrintDlgA
GetSaveFileNameA
ChooseColorW
GetSaveFileNameW
PrintDlgW
GetOpenFileNameA
ChooseFontW
ChooseColorA
ReplaceTextW
PageSetupDlgW

advapi32

CryptExportKey
LookupPrivilegeDisplayNameA
CryptGetDefaultProviderW
RegLoadKeyW
InitiateSystemShutdownW
RegQueryValueW
InitializeSecurityDescriptor
RegEnumKeyExW
StartServiceA
CryptContextAddRef
CryptSetProviderExA
RegCloseKey
RevertToSelf
RegSetValueW
RegFlushKey
RegDeleteValueW
RegEnumKeyA
RegEnumValueW
CryptEnumProviderTypesW
RegDeleteValueA
RegEnumKeyW

kernel32

GetConsoleTitleW
GetModuleFileNameW
RtlUnwind
GetCurrentThread
InterlockedExchange
GetModuleHandleA
GetProfileSectionW
GetCurrentProcess
VirtualAlloc
LoadLibraryA
WriteFile
GetProcAddress
GetEnvironmentStrings
WaitForMultipleObjects
TlsGetValue
GetComputerNameW
FindClose
GetTickCount
LeaveCriticalSection
ExitProcess
IsBadWritePtr
FreeEnvironmentStringsA
InitializeCriticalSection
GetEnvironmentStringsW
GetModuleFileNameA
HeapFree
TlsSetValue
HeapDestroy
DeleteCriticalSection
UnhandledExceptionFilter
GetFileAttributesExW
GetTempFileNameA
EnterCriticalSection
FreeEnvironmentStringsW
TlsAlloc
CreateNamedPipeA
HeapReAlloc
VirtualQuery
FindResourceW
GetACP
lstrlenW
GlobalReAlloc
TerminateProcess
MultiByteToWideChar
GetVersion
HeapAlloc
CopyFileExA
GetCommandLineW
GetFileType
WritePrivateProfileStringW
GetStartupInfoA
SetHandleCount
GetCurrentProcessId
VirtualFree
GetLastError
ReadConsoleA
QueryPerformanceCounter
TlsFree
GetStartupInfoW
SetLastError
HeapCreate
GetCommandLineA
GetCurrentThreadId
GetStdHandle
GetSystemTimeAsFileTime

gdi32

CreateDiscardableBitmap
EnumEnhMetaFile
ExtEscape
RealizePalette
CreateEllipticRgnIndirect
EnumObjects
GetCharABCWidthsA
GetEnhMetaFileHeader
GetCharWidth32W
GetLogColorSpaceW
CreatePolygonRgn
OffsetRgn
GetGlyphOutlineA
GetAspectRatioFilterEx

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43576807f861c988d2430b2adc80412f

Headers

File Characteristics

Imports

user32

wininet

comdlg32

advapi32

kernel32

gdi32

Sections

.text Size: 94KB - Virtual size: 93KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 94KB - Virtual size: 93KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 17KB - Virtual size: 17KB