b266a807316d74225ecd1c5d238f98d0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b266a807316d74225ecd1c5d238f98d0N.exe
Size

439KB
MD5

b266a807316d74225ecd1c5d238f98d0
SHA1

da16b16f5f76b037aed6df87dcb6201923a8296a
SHA256

903f09a8948fee2ac320ea0aa4fcef4d843bcc31a41c80c916c1810177e087ad
SHA512

162704e19512dad54f5cb42ed0a430719e21c51cda201278202729368627921c513c6475f1ab0ecfb9a010c6e745f09da7029df63f328fee8e540feca2038e8b
SSDEEP

12288:50IzlMZo4nuRnWGpJRjC3aZopFLgjepV9Tb7MxvMI:9MZaNRRjCqZSlvAxUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b266a807316d74225ecd1c5d238f98d0N.exe

Files

b266a807316d74225ecd1c5d238f98d0N.exe
.exe windows:4 windows x86 arch:x86

b0882be214e1c236152b3fe0682dc534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
GetSaveFileNameW
LoadAlterBitmap
GetOpenFileNameA
PrintDlgW
GetSaveFileNameA
GetFileTitleA

shell32

DragFinish
RealShellExecuteExW
RealShellExecuteA
DoEnvironmentSubstW
SHGetPathFromIDList
SHGetDataFromIDListA
SHFileOperation
SHGetPathFromIDListA

gdi32

GetPixelFormat
SetROP2
SetMetaRgn

advapi32

CreateServiceW
CryptDecrypt
RegSetValueA
RegEnumValueA
LookupAccountNameA
CryptVerifySignatureA
CryptGetUserKey
RegOpenKeyA
CryptEnumProviderTypesA
RegOpenKeyExW

kernel32

GetLocaleInfoW
GetOEMCP
GetEnvironmentStrings
GetLastError
GetUserDefaultLCID
GetStringTypeW
GetNamedPipeInfo
IsBadWritePtr
GetLocaleInfoA
GetModuleHandleA
GetTickCount
LCMapStringW
GetDateFormatA
EnumDateFormatsA
FreeEnvironmentStringsW
TlsSetValue
EnumSystemLocalesA
LCMapStringA
FoldStringW
FindResourceExA
GetStringTypeA
LoadLibraryA
CompareStringW
GetCurrentThread
GetCPInfo
GetCurrentThreadId
WaitForDebugEvent
SetLastError
GetCurrentProcessId
GetModuleFileNameW
TlsFree
HeapCreate
WritePrivateProfileSectionA
GetCurrentProcess
FreeEnvironmentStringsA
GlobalSize
RtlUnwind
LocalAlloc
TerminateProcess
HeapAlloc
CreatePipe
CreateProcessW
VirtualAlloc
EnumCalendarInfoA
GlobalFindAtomA
lstrcat
GetTimeZoneInformation
HeapDestroy
DeleteCriticalSection
FindNextFileA
EnterCriticalSection
SetHandleCount
InterlockedExchange
MultiByteToWideChar
HeapReAlloc
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
InitializeCriticalSection
VirtualQuery
GetStartupInfoA
CompareStringA
UnhandledExceptionFilter
AddAtomW
WideCharToMultiByte
GetStdHandle
EnumDateFormatsExW
ReadConsoleOutputCharacterA
QueryPerformanceCounter
ExitProcess
HeapSize
LeaveCriticalSection
WriteFile
HeapFree
GetFileType
GetTimeFormatA
VirtualFree
GetProfileStringW
IsValidCodePage
FreeResource
IsValidLocale
GetEnvironmentStringsW
GetACP
GetCommandLineA
CreateWaitableTimerA
GetSystemInfo
InterlockedCompareExchange
GetVersionExA
GetModuleFileNameA
VirtualProtect
LoadModule
SetEnvironmentVariableA
GetProcAddress
CloseHandle

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0882be214e1c236152b3fe0682dc534

Headers

File Characteristics

Imports

comdlg32

shell32

gdi32

advapi32

kernel32

Sections

.text Size: 123KB - Virtual size: 123KB

.data Size: 307KB - Virtual size: 306KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 123KB - Virtual size: 123KB

.data
Size: 307KB - Virtual size: 306KB

.rsrc
Size: 7KB - Virtual size: 7KB