8e835926101e52fda6eb78bfd19de530N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8e835926101e52fda6eb78bfd19de530N.exe
Size

277KB
MD5

8e835926101e52fda6eb78bfd19de530
SHA1

79f7dccd0988846548fd6117d1a5efa9a29a0a5a
SHA256

039fc087b3471228b0be1f67091597e17f33e4cd04b0d2b4be5428657e314631
SHA512

7d463ab209a3bf7915b72bedcf04e1c9fb4e6040f646abe5c32647a4d133593998590abe1f6f2cbe0d1049530a74b71ca0bcc4d82b431c3e804b117289a2cf7e
SSDEEP

6144:pKc/IhkkuPEO9JgoJc7Heh9O1rYVBEbdIaCO1XbTEZFK5m:pKcMEPE4go/GJbdkO1LT9m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e835926101e52fda6eb78bfd19de530N.exe

Files

8e835926101e52fda6eb78bfd19de530N.exe
.exe windows:5 windows x86 arch:x86

cc62b75adce9b70627c15876c4f2e2b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
SetLastError
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
SetHandleInformation
SetHandleCount
SetFilePointer
GetModuleHandleA
SetFileAttributesA
SetEvent
SetErrorMode
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
SetCurrentDirectoryA
RtlUnwind
ResumeThread
ReplaceFileW
RemoveDirectoryW
RemoveDirectoryA
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
Process32Next
PeekNamedPipe
MultiByteToWideChar
MoveFileW
MoveFileA
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
InterlockedIncrement
InterlockedExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnfix
GetVolumeInformationW
GetVolumeInformationA
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetOverlappedResult
GetOEMCP
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDrives
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDiskFreeSpaceExA
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrencyFormatA
GetCommandLineA
GetCPInfo
GetBinaryTypeW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushFileBuffers
FindNextVolumeA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
ExitProcess
EnumUILanguagesW
EnumSystemLocalesA
EnterCriticalSection
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileExW
CompareStringW
CompareStringA
CloseHandle
CancelIo
AddAtomW
VirtualAlloc
TlsSetValue

user32

TrackPopupMenu
SetScrollInfo
SetMessageExtraInfo
SetClassLongA
SendDlgItemMessageA
RegisterWindowMessageA
OpenDesktopW
IsCharUpperW
GetMenuStringA
GetMenuItemInfoW
GetMenuBarInfo
GetIconInfo
DispatchMessageW
DispatchMessageA
DefFrameProcW
DdeCreateDataHandle
CreateMDIWindowA
CloseWindowStation
CallNextHookEx
AdjustWindowRectEx
LoadCursorW
GetSystemMetrics
IsCharAlphaA
GetWindowTextLengthA
GetTopWindow
WindowFromDC
GetThreadDesktop
VkKeyScanW
GetSysColorBrush
GetWindowDC
GetWindowContextHelpId
GetWindowTextLengthW
ScreenToClient

gdi32

PolyTextOutW
PolyBezier
Pie
PatBlt
PaintRgn
OffsetRgn
MoveToEx
ModifyWorldTransform
MaskBlt
LineTo
InvertRgn
GetWindowExtEx
GetTextMetricsW
GetTextMetricsA
GetTextExtentPoint32W
GetTextCharsetInfo
GetSystemPaletteUse
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetRegionData
GetPaletteEntries
GetObjectW
GetObjectA
GetNearestPaletteIndex
GetGlyphOutlineW
GetGlyphOutlineA
GetFontData
GetDeviceCaps
GetDIBits
GetCurrentPositionEx
GetClipRgn
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetCharABCWidthsA
GdiPlayPrivatePageEMF
GdiPlayJournal
GdiPlayEMF
GdiFlush
FillPath
ExtTextOutW
ExtCreateRegion
ExtCreatePen
EqualRgn
EnumFontFamiliesExW
EnumFontFamiliesExA
EngDeleteSemaphore
EndPath
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
Polygon
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateEllipticRgn
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
ColorCorrectPalette
Chord
BitBlt
BeginPath
Arc
AddFontResourceA
GetLayout
GetDCPenColor
GetPolyFillMode
GetEnhMetaFileW
GetObjectType
GetMapMode
GetDCBrushColor
GetBkMode
GetEnhMetaFileA
GetPixelFormat
GetBkColor
GetFontLanguageInfo
GetGraphicsMode
GetColorSpace
GetROP2
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
ResizePalette
SetDIBitsToDevice
RoundRect
STROBJ_dwGetCodePage
SelectClipRgn
SelectObject
SetGraphicsMode
SetMapMode
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetWindowOrgEx
SetWorldTransform
StretchBlt
StretchDIBits
StrokePath
TextOutA
TextOutW
UnrealizeObject
SelectPalette
SetBkColor
SetBkMode
CreateRectRgn
SetBrushOrgEx

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegFlushKey
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA

shell32

SHFileOperation
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteExA
ShellAboutW
ShellAboutA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetPathFromIDListA
SHGetMalloc
SHFormatDrive
SHBrowseForFolderA
SHBrowseForFolder
ExtractIconExA
ExtractIconEx
ExtractAssociatedIconW
DragQueryFileW
CheckEscapesW

ole32

CoLockObjectExternal
CoUninitialize
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2
CoGetMalloc
CoCreateInstance
CoCreateGuid
CoInitialize

shlwapi

StrCmpNW
StrStrIW
StrCmpNIW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc62b75adce9b70627c15876c4f2e2b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 246KB - Virtual size: 246KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 246KB - Virtual size: 246KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 16B