5230228ec2001678ef4fb2a40e0f15c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5230228ec2001678ef4fb2a40e0f15c0N.exe
Size

180KB
MD5

5230228ec2001678ef4fb2a40e0f15c0
SHA1

025ccd8f71ca6b20c2fe9b555d7b8ecd3069ae88
SHA256

6603c0a62d2e2ade7844584f944ad760ef4a77cb72f99fe2f617eb9012dbc785
SHA512

ddbee959a95d1de0f1ad15759277fcc5806310d56d2009469719bf4552ce053191aafd6a1a777904e6a8fa8792f5f9bd9f4659edebbfe103b782b6afce1ef2b2
SSDEEP

3072:UGUGCp29KzlcmDs2U0ezrcRqwGamSRLkPmEZpVarH/43ZJiObv:NC7zlcmDs2U03RHzUbVaU3JT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5230228ec2001678ef4fb2a40e0f15c0N.exe

Files

5230228ec2001678ef4fb2a40e0f15c0N.exe
.dll regsvr32 windows:4 windows x86 arch:x86

9c747aaccb86a9c3ed01eb29bfaf626d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CreateMutexA
OpenEventA
GetModuleHandleA
CreateEventA
GetCurrentProcessId
lstrcatA
CreateProcessA
GetCurrentThreadId
CloseHandle
ReleaseMutex
GetModuleFileNameA
lstrlenA
LoadLibraryA
GetLastError
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
lstrcmpiA
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
FlushInstructionCache
GetCurrentProcess
WideCharToMultiByte
lstrlenW

user32

DrawTextA
FillRect
ReleaseDC
SetWindowPos
SetDlgItemTextA
GetDlgItem
SetWindowLongA
CallWindowProcA
GetDC
MessageBoxA
DialogBoxParamA
RegisterClassExA
wsprintfA
CreateWindowExA
GetWindowLongA
LoadCursorA
EqualRect
OffsetRect
SetWindowRgn
IsChild
DefWindowProcA
SetFocus
ShowWindow
GetFocus
GetParent
UnionRect
PtInRect
DestroyWindow
InvalidateRect
IsWindow
EndPaint
BeginPaint
GetClientRect
EndDialog
GetClassInfoExA
LoadStringA
GetKeyState
IntersectRect

gdi32

RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA
CreateRectRgnIndirect
DeleteDC

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoTaskMemFree
OleLoadFromStream
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CLSIDFromString
CoUninitialize
CoInitialize

oleaut32

SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen

msvcrt

getenv
memcmp
strcat
sprintf
??2@YAPAXI@Z
_EH_prolog
_except_handler3
strstr
_local_unwind2
__CxxFrameHandler
??3@YAXPAX@Z
free
_purecall
memcpy
memset
_strdup
_initterm
malloc
_adjust_fdiv

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown
NSCanUnload
NSGetFactory
NSRegisterSelf
NSUnregisterSelf

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c747aaccb86a9c3ed01eb29bfaf626d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 4KB - Virtual size: 2KB

.text Size: 104KB - Virtual size: 104KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 104KB