9abaabe491b02caf4d1e23097c9169f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9abaabe491b02caf4d1e23097c9169f0N.exe
Size

214KB
MD5

9abaabe491b02caf4d1e23097c9169f0
SHA1

aba5399c8c2c9235cf9f034916d71d74750593d6
SHA256

e0c7eec1167731b43804994f2b301b23941ce3190fb95118f81f0a35b5222804
SHA512

8a05ac4226b4debcde5b1a602949ba49eb7ff22f4f30d2632b1c4ef02efc4509ff43dec8446f04274e7183e5850b514ae04b6c8d28dd62707e9e711f35f2e81e
SSDEEP

3072:9PvH5D8Z+5l/7nTReoDZRbSs7AOAY2YCmoCMihpJ5R/IMXBJLtc689TeJYYi:9XHe+7XxzCihpJLPLsgmr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9abaabe491b02caf4d1e23097c9169f0N.exe

Files

9abaabe491b02caf4d1e23097c9169f0N.exe
.dll windows:6 windows x86 arch:x86

2f6cd2f442df4c2e229bc1391d7c2eb9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

olecli32.pdb

Imports

msvcrt

_except_handler4_common
memcpy
memset
_amsg_exit
_initterm
free
malloc
_XcptFilter

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
OpenFile
CompareStringA
GetCurrentThreadId
CloseHandle
GetDriveTypeA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FreeLibrary
lstrcmpiA
lstrcmpA
LocalHandle
WinExec
lstrlenA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFindAtomA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GlobalReAlloc
GlobalSize
GlobalDeleteAtom
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLastError
GetCurrentThread
IsWow64Process

advapi32

RegQueryValueA
RegOpenKeyExA
OpenProcessToken
RegOpenUserClassesRoot
OpenThreadToken
SetThreadToken
RegCloseKey

user32

EnumThreadWindows
DialogBoxParamA
GetPropA
SendDlgItemMessageA
GetDlgItemTextA
RemovePropA
EndDialog
LoadStringA
MessageBoxA
SetPropA
SetDlgItemTextA
IsWindowVisible
GetDlgItem
UnregisterClassA
RegisterClassA
EnumClipboardFormats
PeekMessageA
IsWindow
CloseClipboard
CharUpperBuffA
RegisterClipboardFormatA
GetClipboardFormatNameA
FreeDDElParam
PackDDElParam
GetWindowLongA
DefWindowProcA
CreateWindowExA
SetWindowLongA
SendMessageA
DestroyWindow
SetTimer
KillTimer
PostMessageA
UnpackDDElParam
GetClipboardData
SetClipboardData
GetDC
ReleaseDC
OpenClipboard
GetWindowThreadProcessId
IsClipboardFormatAvailable

gdi32

CopyEnhMetaFileA
GetEnhMetaFileBits
GetWinMetaFileBits
DeleteEnhMetaFile
DeleteObject
GetBitmapBits
GetObjectA
CreateBitmap
SetBitmapDimensionEx
SetBitmapBits
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
StretchBlt
SelectObject
GetEnhMetaFileHeader
SetWindowExtEx
PlayEnhMetaFileRecord
GetStockObject
StretchDIBits
RealizePalette
SelectPalette
CreatePalette
SetViewportExtEx
PlayMetaFileRecord
EnumEnhMetaFile
GetDIBits
EnumMetaFile
RestoreDC
IntersectClipRect
SaveDC
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
SetMapMode
LPtoDP
DeleteMetaFile
CopyMetaFileA
CloseMetaFile
CreateMetaFileA
GetBitmapDimensionEx
SetEnhMetaFileBits
SetWindowOrgEx
SetWinMetaFileBits
Rectangle
GetMetaFileBitsEx
SetMetaFileBitsEx

mpr

WNetGetConnectionA
WNetAddConnectionA

ntdll

EtwTraceMessage

Exports

Exports

BmChangeData
BmClone
BmCopy
BmDraw
BmEnumFormat
BmEqual
BmGetData
BmQueryBounds
BmRelease
BmSaveToStream
CheckNetDrive
ConnectDlgProc
DefCreate
DefCreateFromClip
DefCreateFromFile
DefCreateFromTemplate
DefCreateInvisible
DefCreateLinkFromClip
DefCreateLinkFromFile
DefLoadFromStream
DibChangeData
DibClone
DibCopy
DibDraw
DibEnumFormat
DibEqual
DibGetData
DibQueryBounds
DibRelease
DibSaveToStream
DocWndProc
ErrActivate
ErrClose
ErrCopyFromLink
ErrExecute
ErrGetUpdateOptions
ErrObjectConvert
ErrObjectLong
ErrQueryOpen
ErrQueryOutOfDate
ErrQueryProtocol
ErrReconnect
ErrSetBounds
ErrSetData
ErrSetHostNames
ErrSetTargetDevice
ErrSetUpdateOptions
ErrShow
ErrUpdate
GenChangeData
GenClone
GenCopy
GenDraw
GenEnumFormat
GenEqual
GenGetData
GenQueryBounds
GenRelease
GenSaveToStream
GenSetData
GetTaskVisibleWindow
LeActivate
LeChangeData
LeClone
LeClose
LeCopy
LeCopyFromLink
LeCreateInvisible
LeDraw
LeEnumFormat
LeEqual
LeExecute
LeGetData
LeGetUpdateOptions
LeObjectConvert
LeObjectLong
LeQueryBounds
LeQueryOpen
LeQueryOutOfDate
LeQueryProtocol
LeQueryType
LeReconnect
LeRelease
LeSaveToStream
LeSetBounds
LeSetData
LeSetHostNames
LeSetTargetDevice
LeSetUpdateOptions
LeShow
LeUpdate
MfCallbackFunc
MfChangeData
MfClone
MfCopy
MfDraw
MfEnumFormat
MfEqual
MfGetData
MfQueryBounds
MfRelease
MfSaveToStream
ObjQueryName
ObjQuerySize
ObjQueryType
ObjRename
OleActivate
OleClone
OleClose
OleCopyFromLink
OleCopyToClipboard
OleCreate
OleCreateFromClip
OleCreateFromFile
OleCreateFromTemplate
OleCreateInvisible
OleCreateLinkFromClip
OleCreateLinkFromFile
OleDelete
OleDraw
OleEnumFormats
OleEnumObjects
OleEqual
OleExecute
OleGetData
OleGetLinkUpdateOptions
OleIsDcMeta
OleLoadFromStream
OleLockServer
OleObjectConvert
OleQueryBounds
OleQueryClientVersion
OleQueryCreateFromClip
OleQueryLinkFromClip
OleQueryName
OleQueryOpen
OleQueryOutOfDate
OleQueryProtocol
OleQueryReleaseError
OleQueryReleaseMethod
OleQueryReleaseStatus
OleQuerySize
OleQueryType
OleReconnect
OleRegisterClientDoc
OleRelease
OleRename
OleRenameClientDoc
OleRequestData
OleRevertClientDoc
OleRevokeClientDoc
OleSaveToStream
OleSavedClientDoc
OleSetBounds
OleSetColorScheme
OleSetData
OleSetHostNames
OleSetLinkUpdateOptions
OleSetTargetDevice
OleUnlockServer
OleUpdate
PbCopyToClipboard
PbCreate
PbCreateFromClip
PbCreateFromFile
PbCreateFromTemplate
PbCreateInvisible
PbCreateLinkFromClip
PbCreateLinkFromFile
PbDraw
PbEnumFormats
PbGetData
PbLoadFromStream
PbQueryBounds
SetNetName
SetNextNetDrive
SrvrWndProc
WEP

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f6cd2f442df4c2e229bc1391d7c2eb9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

user32

gdi32

mpr

ntdll

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 139KB - Virtual size: 139KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 139KB - Virtual size: 139KB