7e2fc0218f6ad8a0d2a6a0d08d910260N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7e2fc0218f6ad8a0d2a6a0d08d910260N.exe
Size

480KB
MD5

7e2fc0218f6ad8a0d2a6a0d08d910260
SHA1

0f0bc675144234f04172f648a007b369be2d4ef1
SHA256

f54e409d33c1fc22b83407f6172c9d3d6798693df4a0151d35cab53d0062c598
SHA512

93ea23dd5a7e22cadc8c743bb21742b4f551053e76dc4211048ca2bb85c0ea57594f289a82b39160d6ffcfc7c63ef7a4b04e678c0a6f99c339425c5f158c6f66
SSDEEP

12288:Y1TK9ETz+mPm1tJ3tn3ILoi3PT2x+xc+abVBQ23:kTKGz+mY3iKx7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e2fc0218f6ad8a0d2a6a0d08d910260N.exe

Files

7e2fc0218f6ad8a0d2a6a0d08d910260N.exe
.exe windows:4 windows x86 arch:x86

0f41874b19f2f68656ee61dcebd21c34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleFileNameA
HeapDestroy
GetStartupInfoA
DeleteCriticalSection
LCMapStringW
GetModuleFileNameW
SetStdHandle
RtlUnwind
CompareStringW
FlushFileBuffers
IsBadWritePtr
HeapReAlloc
FreeEnvironmentStringsA
GetStringTypeW
FreeEnvironmentStringsW
GetFileType
InterlockedIncrement
lstrcat
MultiByteToWideChar
CloseHandle
GetCurrentThread
SetLastError
EnterCriticalSection
GetSystemTime
GetCurrentProcess
GetEnvironmentStrings
GetModuleHandleA
ReadFile
WriteFile
GetTickCount
OpenFileMappingA
GetStdHandle
InterlockedDecrement
GetCurrentProcessId
GetCommandLineW
TlsSetValue
GetVersion
LCMapStringA
QueryPerformanceCounter
TlsGetValue
GetCurrentThreadId
TlsAlloc
SetEnvironmentVariableA
HeapAlloc
TerminateProcess
LeaveCriticalSection
OpenMutexA
InitializeCriticalSection
HeapCreate
TlsFree
CreateMutexA
WideCharToMultiByte
CompareStringA
GetProfileStringW
VirtualFree
HeapFree
VirtualAlloc
GetProcAddress
GetCalendarInfoW
UnhandledExceptionFilter
GetLastError
FormatMessageA
InterlockedExchange
GetEnvironmentStringsW
GetTimeZoneInformation
GetCPInfo
GetCommandLineA
SetFilePointer
ExitProcess
GetStringTypeA
GetStartupInfoW
SetFileAttributesW
LoadLibraryA
VirtualQuery
SetHandleCount
GetSystemTimeAsFileTime

user32

ShowScrollBar
OemToCharBuffW
GetMonitorInfoW
ScreenToClient
RegisterClassExA
GetClipboardViewer
DdeDisconnect
GetThreadDesktop
RegisterClassA
SendDlgItemMessageW
GetClassNameW
DrawTextExW
GetClipboardData

comctl32

ImageList_Duplicate
ImageList_Destroy
InitCommonControlsEx
ImageList_Create
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Remove
ImageList_Write
ImageList_GetIcon
ImageList_DragEnter
DrawInsert
_TrackMouseEvent
ImageList_SetFlags
ImageList_LoadImageA
ImageList_SetOverlayImage
ImageList_GetFlags
ImageList_GetDragImage
CreateStatusWindowW
CreateUpDownControl
DrawStatusText
ImageList_Draw
ImageList_DragMove

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f41874b19f2f68656ee61dcebd21c34

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 316KB - Virtual size: 316KB

.rdata Size: 35KB - Virtual size: 51KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 316KB - Virtual size: 316KB

.rdata
Size: 35KB - Virtual size: 51KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 28KB