988fab481d43dcff4f633916ca936c80N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

988fab481d43dcff4f633916ca936c80N.exe
Size

6.1MB
MD5

988fab481d43dcff4f633916ca936c80
SHA1

7f3bb927024a82c6e7ad2403227c53b07fd4b4ea
SHA256

cddb93df8ace4ea51a02c4057e16bb8b77b0afd6b5a75482faa3c387ca6decd4
SHA512

37b25310c45609e35603100f65aa60f79b3dff93a21fedc400cc7e98bb8307837d760b6f6f36a9cd41800caac5b4f2337aca9846e913d5fd1adf5c3959d45ea6
SSDEEP

49152:WVuog8XrNEnOJqx7ac7OT/+Um3RhgJIC9E+64WUOWWu0ks97zPokaoBxyPMufZ8E:dogI6nOJqxhyTX64HZ85PPH9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
988fab481d43dcff4f633916ca936c80N.exe

Files

988fab481d43dcff4f633916ca936c80N.exe
.exe windows:4 windows x86 arch:x86

c680cd2312df277f74d0aefa3c7c47ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadCodePtr
IsBadReadPtr
SetConsoleCtrlHandler
RaiseException
FlushConsoleInputBuffer
lstrlenA
GetLocaleInfoA
VirtualQuery
VirtualProtect
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
GetCPInfo
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
RtlUnwind
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
SetLastError
GetModuleHandleA
MoveFileExA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GetSystemInfo
GlobalMemoryStatus
GetDriveTypeA
GetTimeZoneInformation
GetCurrentThreadId
GetTickCount
GetSystemDirectoryA
SetEndOfFile
FlushFileBuffers
WriteFile
UnlockFile
LockFile
ReadFile
SetFilePointer
LockResource
LoadResource
SizeofResource
FindResourceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetVersionExA
FreeLibrary
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetErrorMode
GetProcAddress
LoadLibraryA
GetProfileStringA
InterlockedDecrement
MapViewOfFile
CreateFileMappingA
CreateEventA
RemoveDirectoryA
GetCurrentProcess
DuplicateHandle
ResetEvent
OpenProcess
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
Beep
FindNextFileA
SetFileAttributesA
GetFileSize
CloseHandle
CreateFileA
FindClose
FindFirstFileA
GetLastError
GetDiskFreeSpaceA
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
DeleteFileA
Sleep
CreateDirectoryA
LCMapStringW

user32

GetSystemMetrics
SetFocus
ShowWindow
CreateWindowExA
RegisterClassA
wsprintfA
ReleaseDC
GetWindowDC
DrawIcon
MessageBoxA
GetKeyState
GetClipboardData
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
FillRect
FrameRect
GetClientRect
GetWindowLongA
SetWindowLongA
DestroyWindow
DefWindowProcA
SetScrollPos
GetUpdateRect
GetKeyboardState
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetDC
EnumDisplaySettingsA
GetWindowThreadProcessId
SendMessageA
EnumWindows
BeginPaint
EndPaint
LoadIconA
LoadCursorA
SetRect
SystemParametersInfoA
WaitForInputIdle
PostMessageA
KillTimer
SetTimer
GetFocus
LoadImageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetQueueStatus
InvalidateRect
UpdateWindow
SetWindowPos
RegisterClassExA
GetCursorPos
PtInRect
ShowScrollBar
SetScrollInfo
PostQuitMessage
GetDesktopWindow

winspool.drv

ClosePrinter
EndDocPrinter
DeviceCapabilitiesA
DocumentPropertiesA
EndPagePrinter
OpenPrinterA
StartDocPrinterA
StartPagePrinter
WritePrinter

gdi32

RealizePalette
SelectPalette
GetDIBColorTable
CreateHalftonePalette
GetObjectA
PtInRegion
EndDoc
AbortDoc
Escape
CloseEnhMetaFile
DeleteEnhMetaFile
EndPage
StartDocA
StartPage
SetTextCharacterExtra
BitBlt
FrameRgn
GetRgnBox
CreateFontIndirectA
SetBkColor
CreatePalette
CreateBitmap
CreatePen
CreateSolidBrush
SelectClipRgn
SelectObject
SetBkMode
SetTextAlign
GetTextExtentPointA
PatBlt
StretchBlt
SetStretchBltMode
MoveToEx
TextOutA
DeleteObject
CreateCompatibleDC
CreateRectRgn
DeleteDC
GetDeviceCaps
GetStockObject
SetRectRgn
CombineRgn
PaintRgn
LineTo
GetTextMetricsA
CreateDCA
CreateCompatibleBitmap
CreateEnhMetaFileA
SetEnhMetaFileBits
GetEnhMetaFileHeader
PlayEnhMetaFile
GetDIBits
SetTextJustification
SetTextColor
GetEnhMetaFileBits

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetSetFilePointer
FtpOpenFileA
HttpSendRequestExA
InternetQueryOptionA
HttpQueryInfoA
InternetWriteFile
HttpEndRequestA
InternetAttemptConnect
InternetQueryDataAvailable
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA
InternetSetOptionA
InternetCreateUrlA

wsock32

htonl
htons
socket
ntohl
WSACleanup
inet_addr
gethostbyaddr
getsockname
shutdown
connect
WSASetLastError
gethostbyname
ioctlsocket
ntohs
send
WSAGetLastError
recv
WSAAsyncSelect
accept
closesocket
WSAStartup

odbc32

ord36
ord4
ord27
ord15
ord14
ord16
ord13
ord18
ord11
ord41
ord75
ord24

advapi32

RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegCloseKey

rpcrt4

UuidFromStringA

rasapi32

RasHangUpA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize
CLSIDFromProgID

oleaut32

VariantInit
GetErrorInfo
SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c680cd2312df277f74d0aefa3c7c47ca

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

gdi32

wininet

wsock32

odbc32

advapi32

rpcrt4

rasapi32

ole32

oleaut32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 148KB - Virtual size: 145KB

.data Size: 92KB - Virtual size: 1.0MB

.data1 Size: 36KB - Virtual size: 33KB

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.reloc Size: 112KB - Virtual size: 110KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 148KB - Virtual size: 145KB

.data
Size: 92KB - Virtual size: 1.0MB

.data1
Size: 36KB - Virtual size: 33KB

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

.reloc
Size: 112KB - Virtual size: 110KB