0c86ba81b28a42718d19ec346517ddb0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0c86ba81b28a42718d19ec346517ddb0N.exe
Size

215KB
MD5

0c86ba81b28a42718d19ec346517ddb0
SHA1

e75a936dd4bfb056bd767bfa9292b083eff4e1c8
SHA256

64b1f5269dbf3a12dfa3c5ba8c89cd26f94b84dd0aeee68478e463327b4aab0d
SHA512

dd90c1d0845076f6247d8b28b8084730d2a45617d2ee38cda635fe4b63fdbf553d2cd9ba715217ce57fc1f49a78a3e1d2c8fe982b0340b8200d0322a2b815631
SSDEEP

3072:VoAbvJrZ/CEp1Td3INNAILgwKRpP3fJ2pwLAt/iw1JmWTe1eyfLUH+xW6Lyk:V7vJN/CE/TZINiPPBIwcuWTegi9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c86ba81b28a42718d19ec346517ddb0N.exe

Files

0c86ba81b28a42718d19ec346517ddb0N.exe
.exe windows:1 windows x86 arch:x86

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
GetFileTime
GetPriorityClass
OpenMutexW
lstrcatA
GetShortPathNameW
GlobalFindAtomW
GetWindowsDirectoryW
GetProcAddress
GetDateFormatW
CreateMutexA
GetModuleHandleA
CopyFileA
lstrcmpW
CreateFileMappingW
FindAtomW
GetLastError
GetExpandedNameA
OpenEventA
GetUserDefaultLangID
CreateFileMappingA
CreateDirectoryA
ReadDirectoryChangesW
GetCurrentDirectoryA
lstrcmpA
FatalAppExitW
SetEvent
GetEnvironmentStringsW
GetExpandedNameW
lstrlenA
GetNumberFormatW
GetFileType
EnumDateFormatsW
DosDateTimeToFileTime
GetStringTypeA
lstrcmpW
IsBadReadPtr
EndUpdateResourceA
TlsAlloc
OpenSemaphoreW
GetStartupInfoW
GetCurrentProcess
GetFullPathNameA
GetTickCount
GetHandleInformation
GetCurrentThread
GetTempPathW
OpenEventW
GetFullPathNameW
EnumTimeFormatsW
GetVolumeInformationW
FatalAppExitA
lstrcpyA
lstrlenW
CreateNamedPipeW
lstrcmp
FileTimeToSystemTime
GetAtomNameW
DisconnectNamedPipe

user32

CharNextW
EnumDesktopsW
MessageBeep
DialogBoxParamA
GetClassNameW
CallWindowProcA
InsertMenuItemA
SetCursor
FlashWindow
WaitForInputIdle
EnumDesktopsA
RegisterClassExW
ChildWindowFromPoint
LoadBitmapW
CharLowerA
GetForegroundWindow
DrawTextW
UnregisterClassA
CopyImage
CreateDialogParamA
GetDlgItemInt
CopyRect
SetWindowLongW
DefDlgProcW
SetWindowTextW
EnableMenuItem
CreateDialogParamW
GetScrollPos
GetSysColor
GetMenuItemInfoA
RegisterClassA
LoadImageW
DialogBoxParamW
DefWindowProcA
GetClassInfoW
PeekMessageW
GetDC
DefFrameProcW
GetClassInfoExW
wvsprintfA
GetWindowTextLengthA
DeleteMenu
CopyIcon
SetCursorPos
SendMessageW
FindWindowW
CreatePopupMenu
ActivateKeyboardLayout
LoadCursorW
IsIconic
wvsprintfW
MessageBoxA
GetSubMenu
SetDlgItemTextA
IsWindow

gdi32

SelectClipPath
SetROP2
SetDIBits
CreateFontW
GetFontData
GetDeviceCaps
GetArcDirection
GetGraphicsMode
CloseMetaFile
SetViewportOrgEx
EnumFontFamiliesW
EnumFontFamiliesExW
ExtEscape
CreateSolidBrush
GetClipRgn
GetPaletteEntries
CreateMetaFileA
GetEnhMetaFileHeader
RemoveFontResourceW
GetICMProfileW
GetCharABCWidthsFloatA

advapi32

RegSetValueA
RegEnumValueW
RegEnumKeyW
RegFlushKey
RegDeleteKeyW
RegRestoreKeyW
RegDeleteValueA
RegQueryInfoKeyA

shell32

StrNCmpIA
StrCmpNIW
ShellExecuteW
SHBrowseForFolderW

comdlg32

PrintDlgA
GetFileTitleW
PrintDlgExA
PageSetupDlgW
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
ChooseFontA
PrintDlgExW
PageSetupDlgA
LoadAlterBitmap

ole32

CoGetClassObject
GetClassFile
CoGetInstanceFromIStorage
BindMoniker
CoGetDefaultContext
OleUninitialize
CoCreateInstance
CoGetMalloc

ws2_32

WSADuplicateSocketW
send
getservbyport
WSADuplicateSocketA
accept
gethostname

winmm

mixerClose
midiInAddBuffer
PlaySound
midiInPrepareHeader
midiInGetID
mmioAscend
waveInGetNumDevs
mmioClose

winspool.drv

EnumPrintProcessorsW
EnumPrintersA
StartDocDlgA
EnumPrintProcessorsA
ConvertAnsiDevModeToUnicodeDevmode
StartPagePrinter
GetPrintProcessorDirectoryW
AddPrinterW
SetPrinterDataA

inetcomm

EssReceiptRequestDecodeEx
MimeOleParseMhtmlUrl
EssSecurityLabelEncodeEx
MimeOleGetCodePageInfo
MimeOleSMimeCapAddSMimeCap
MimeOleOpenFileStream
MimeOleSMimeCapGetEncAlg
MimeEditDocumentFromStream

oledlg

OleUIObjectPropertiesA
OleUIEditLinksW
OleUIInsertObjectA
OleUIPasteSpecialA
OleUIChangeSourceA
OleUIBusyW
OleUIChangeIconW
OleUIInsertObjectW

wsock32

WSAStartup
GetNameByTypeW
WSASetBlockingHook
EnumProtocolsA
htons
WSAStartup
select
send

Sections

.rdata
Size: 1KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ole32

ws2_32

winmm

winspool.drv

inetcomm

oledlg

wsock32

Sections

.rdata Size: 1KB - Virtual size: 26KB

.edata Size: 1024B - Virtual size: 7KB

.rdata Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.edata Size: 1024B - Virtual size: 22KB

.edata Size: 1KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 6KB

.edata Size: 1KB - Virtual size: 15KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 26KB

.edata
Size: 1024B - Virtual size: 7KB

.rdata
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.edata
Size: 1024B - Virtual size: 22KB

.edata
Size: 1KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 6KB

.edata
Size: 1KB - Virtual size: 15KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 36KB