b464e7a2113dd1d334ceb61e54cd5600N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b464e7a2113dd1d334ceb61e54cd5600N.exe
Size

530KB
MD5

b464e7a2113dd1d334ceb61e54cd5600
SHA1

dacddd5459382b0ae14c542e0c0aaf804bceb928
SHA256

0d784b7d02dfd26f68c4ffb4a07776404edacfc58e9e7b41cfaa969b76d9a543
SHA512

90f4576e2fcdcb1f9b8e33bb1a34f52d42bb0a5c8b4a1d03d7358f7d43ff510855d61f65b56780c839f2a7a7093d1a87fe65e6f990037ad41ca223a2a45d00d5
SSDEEP

12288:p3RWbyAhzZf3jbRGaMuwUE1G81QuW/+Il8Zx9:p37AxZfj8a5wVc818+ws

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b464e7a2113dd1d334ceb61e54cd5600N.exe

Files

b464e7a2113dd1d334ceb61e54cd5600N.exe
.exe windows:4 windows x86 arch:x86

5252d6714068876c571350a117529ec9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\proftbesw\ojuat\hnooxe.pdb

Imports

user32

RegisterClassA
MessageBoxA
UpdateWindow
CharNextExA
TabbedTextOutW
CreateWindowExW
BroadcastSystemMessageA
DestroyCaret
DefDlgProcW
PtInRect
SetMenuInfo
GetWindowThreadProcessId
SwitchDesktop
SetWinEventHook
ShowWindow
CopyRect
GetDC
RegisterClassExA
DragObject
GetWindowModuleFileNameA
InflateRect
TrackMouseEvent
GetDlgItem

kernel32

GetUserDefaultLCID
GetVersionExW
Sleep
GetConsoleMode
GetTimeFormatA
GetTimeZoneInformation
LCMapStringW
CreateMutexA
InterlockedExchange
SetConsoleCtrlHandler
DeleteCriticalSection
ExitProcess
WaitCommEvent
LoadLibraryA
GetLocaleInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
ReadFile
VirtualAlloc
UnhandledExceptionFilter
WritePrivateProfileStructW
TlsAlloc
DeleteFiber
GetModuleFileNameA
GetThreadLocale
CompareStringW
HeapReAlloc
HeapAlloc
MultiByteToWideChar
EnterCriticalSection
EnumResourceLanguagesA
VirtualQuery
SetStdHandle
HeapFree
IsDebuggerPresent
WaitForMultipleObjects
SetFilePointer
GetEnvironmentStrings
GetCurrentProcess
WriteConsoleA
RtlUnwind
InterlockedIncrement
GetPrivateProfileIntA
FreeLibrary
WriteConsoleW
SetEnvironmentVariableA
GetCurrentThread
GetLocaleInfoA
TlsFree
IsValidCodePage
LCMapStringA
QueryPerformanceCounter
SetConsoleOutputCP
GetCPInfo
WriteFile
VirtualFree
OpenMutexA
LoadModule
GetModuleHandleA
LeaveCriticalSection
GetCommandLineA
GetDateFormatA
SetLastError
GetFileType
InterlockedCompareExchange
IsValidLocale
GetACP
GetTickCount
CompareStringA
InitializeCriticalSectionAndSpinCount
ReadConsoleInputA
LoadLibraryExA
GlobalDeleteAtom
GetStringTypeW
TerminateProcess
GetLastError
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetConsoleOutputCP
GetFileAttributesExW
GetStdHandle
InterlockedDecrement
GetModuleHandleW
TlsSetValue
GlobalFix
GetLocalTime
SetHandleCount
GetOEMCP
SetWaitableTimer
GetConsoleCP
HeapCreate
GetExitCodeProcess
GetProcAddress
TlsGetValue
SetThreadIdealProcessor
GetCurrentThreadId
GetStartupInfoA
HeapSize
GetCurrentProcessId
EnumSystemLocalesA
SetLocaleInfoW
GetSystemTimeAsFileTime
HeapDestroy
GetStringTypeA
GetEnvironmentStringsW
CreateFileA
CloseHandle
lstrlenW

shell32

DragQueryFileAorW
SHFileOperation
RealShellExecuteW

advapi32

RegRestoreKeyA
ReportEventA
RegRestoreKeyW
CryptDeriveKey
RegConnectRegistryW
CreateServiceA
RegEnumKeyExA

comctl32

ImageList_GetImageInfo
MakeDragList
ImageList_BeginDrag
ImageList_GetIconSize
InitCommonControlsEx
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_EndDrag
ImageList_Destroy
CreatePropertySheetPageA
ImageList_Remove
CreateMappedBitmap
ImageList_GetImageRect
ImageList_SetDragCursorImage
DrawInsert
ImageList_LoadImageW
_TrackMouseEvent
GetEffectiveClientRect
ImageList_GetImageCount

gdi32

ExcludeClipRect
GetEnhMetaFilePaletteEntries
CreateCompatibleDC
GetNearestPaletteIndex
EndDoc
SetDIBits
AbortPath
GetObjectW

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5252d6714068876c571350a117529ec9

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shell32

advapi32

comctl32

gdi32

Sections

.text Size: 365KB - Virtual size: 365KB

.rdata Size: 21KB - Virtual size: 49KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 365KB - Virtual size: 365KB

.rdata
Size: 21KB - Virtual size: 49KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 28KB - Virtual size: 28KB