2d01c0b25eeab471086e03158a966670N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2d01c0b25eeab471086e03158a966670N.exe
Size

507KB
MD5

2d01c0b25eeab471086e03158a966670
SHA1

42cb26364ad1639dad324b664f531a80dc32195c
SHA256

b103f57b3e68ce20578676f3d915d2528279def2c355066c2ee8d9ed3855d25b
SHA512

ea0c20b4ac94559a6955c556c5b380bbd69bf02ac2b48733dc0d5d371a095c8a67ef1d0ce6ec43b36c5e2d7bcc9e49ea8b92726f9da4bbcf0e026fcba83f400c
SSDEEP

6144:QeDghoH4aigqnq3OuXh/hJao1gO4TJyIlhpJnjvTB3BKfdkagu7Q6jVictfY:QCcoH4BtU/GjOoJzB3Aiad7QYVisfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d01c0b25eeab471086e03158a966670N.exe

Files

2d01c0b25eeab471086e03158a966670N.exe
.dll windows:6 windows x86 arch:x86

5c60696ac90c244e096b25546a13f2ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetProcAddress
GetModuleHandleW
WriteFile
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
GetCurrentThreadId
HeapFree
GetLastError
GetStringTypeW
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
DecodePointer
CloseHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
HeapReAlloc
GetWindowsDirectoryA
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
EnumSystemLocalesW
GetLocaleInfoW
GetTickCount
GetEnvironmentVariableW
DeleteFileA
EnterCriticalSection
GetSystemDirectoryA
Beep
InitializeCriticalSectionAndSpinCount
CreatePipe
ExpandEnvironmentStringsA
SetCommBreak
LoadLibraryExW
MapViewOfFile
CreateFileA
GetCommandLineW
LocalFree
GetCurrentProcessId
FindNextFileW
CompareStringW
TerminateProcess
CreateProcessA
WaitForSingleObjectEx
GetCurrentProcess
QueryPerformanceCounter
GetTimeZoneInformation
GetModuleFileNameW
GetCommandLineA
GetStartupInfoW
WideCharToMultiByte
EncodePointer

user32

DestroyWindow
DrawIconEx
InflateRect
ScrollWindow
PostQuitMessage
MessageBeep
CreateIconIndirect
ShowCursor
GetWindowPlacement
CreateCaret
UnregisterClassA
DrawStateW
DestroyCaret
IsWindow
GetSystemMetrics
InsertMenuA
ClientToScreen
SetCursor
MapDialogRect
MsgWaitForMultipleObjects
IsZoomed
CreateMenu
SetWindowLongA
SetClassLongA
RemoveMenu
CheckRadioButton
BeginDeferWindowPos
GetWindowThreadProcessId
SetKeyboardState
GetWindowTextLengthA
SetScrollRange
DrawFocusRect
SetPropA
InvalidateRect
GetSysColor
SetMenu
PostMessageA
SetCaretPos
LoadCursorA
ToUnicode
TranslateMDISysAccel
GetMessageTime
IsRectEmpty
SetWindowRgn
GetKeyboardLayout
ScrollWindowEx
IsIconic
SetCapture
SetParent
GetDC
GetQueueStatus
CheckMenuRadioItem
MessageBoxA
SetScrollPos
DestroyCursor
GetDesktopWindow
EnableScrollBar
MessageBoxW
SetWindowTextA

gdi32

SetTextColor
GetCharacterPlacementW
SetMapMode
ExtTextOutA
ExtFloodFill
CreateBitmap
Ellipse
GetObjectType
SetLayout
GetMetaFileBitsEx
CreateFontIndirectA
SelectObject
PolyPolyline
OffsetRgn
GetCurrentPositionEx
CloseEnhMetaFile
GetBitmapBits
MoveToEx
EndPage
BitBlt
GetWindowOrgEx
PatBlt
StretchBlt
GetDIBits
GetTextExtentExPointA
CreateRectRgn
RectVisible
GetStockObject
CreateEnhMetaFileW
RestoreDC
ExtCreatePen
TranslateCharsetInfo
CreatePalette
GetPaletteEntries
Rectangle
ExtCreateRegion
GetTextExtentPointW
CreatePen
CreateHalftonePalette

advapi32

RegOpenKeyExA
SetSecurityDescriptorDacl
GetUserNameA

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c60696ac90c244e096b25546a13f2ab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 388KB - Virtual size: 388KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 19KB - Virtual size: 54KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 388KB - Virtual size: 388KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 19KB - Virtual size: 54KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB