Static task
static1
Behavioral task
behavioral1
Sample
7545454d25b2cffe52e2a3e9a582f390N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7545454d25b2cffe52e2a3e9a582f390N.exe
Resource
win10v2004-20240802-en
General
Target
7545454d25b2cffe52e2a3e9a582f390N.exe
Size
6.1MB
MD5
7545454d25b2cffe52e2a3e9a582f390
SHA1
2bce0b3fae7af4c1e6ce80967347801f624f1cd8
SHA256
cedd90043e5fbd8c7989640dbcddfafcea5df1a60e9ae9fe46d29a8127b44b4e
SHA512
e9248f77b67b8e31feecb962163952e325fbf941838b45c13f6866d3ce88e9ea3edc2ddae87354de2703051888ff7b3db3f21e196c8205ddf609829a8c6c1e4a
SSDEEP
98304:aCY4SxyZCHYpd1p2YpxpYjYpSkM6pYqXRDLZGJr/GdfFolz0GyffU/B+yYkvueB9:aCDZGJSMnJ2s9A00i5pjMpUs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7545454d25b2cffe52e2a3e9a582f390N.exe
Files
7545454d25b2cffe52e2a3e9a582f390N.exe.exe windows:6 windows x86 arch:x86
e7991b5cc3bfec77dc54630e08b560a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableW
GetVersionExA
MoveFileExW
CreateThread
SetUnhandledExceptionFilter
GetTickCount
CreateFileW
GetLastError
GetEnvironmentVariableA
GetCurrentThread
EncodePointer
GetConsoleMode
GetCurrentDirectoryW
CloseHandle
IsValidCodePage
ExitThread
FlushFileBuffers
LeaveCriticalSection
GetSystemDirectoryA
DeleteFileW
RaiseException
GetFileSizeEx
GetOEMCP
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSection
IsProcessorFeaturePresent
SetEndOfFile
SetStdHandle
FindNextFileW
FindFirstFileExW
RtlUnwind
SystemTimeToTzSpecificLocalTime
ReadConsoleW
FileTimeToSystemTime
GetStringTypeW
GetModuleHandleExW
TlsGetValue
GetCurrentThreadId
GetFileSize
DecodePointer
TlsFree
GetStdHandle
HeapSize
GetModuleHandleW
PeekNamedPipe
GetFullPathNameW
TlsAlloc
GetCurrentProcess
GetProcAddress
GetModuleFileNameW
WaitForMultipleObjects
InitializeSListHead
WriteFile
SetFilePointerEx
GetTimeZoneInformation
GetCurrentProcessId
IsDebuggerPresent
LoadLibraryExW
GetCommandLineA
ReadFile
LCMapStringW
WriteConsoleW
HeapFree
FreeLibraryAndExitThread
GetCommandLineW
CreateFileA
FormatMessageA
GetSystemTimeAsFileTime
TlsSetValue
MultiByteToWideChar
MoveFileExA
FreeLibrary
HeapAlloc
FindClose
GetConsoleOutputCP
SetLastError
WaitForSingleObject
SleepEx
ExitProcess
GetFileInformationByHandle
GetCPInfo
Sleep
GetACP
GetFileType
LoadLibraryA
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
EnterCriticalSection
GetModuleHandleA
WideCharToMultiByte
TerminateProcess
GetProcessHeap
GetDriveTypeW
DeleteCriticalSection
CompareStringW
HeapReAlloc
QueryPerformanceFrequency
GetFileAttributesExW
user32
UpdateWindow
TranslateMessage
DrawTextW
PostMessageW
GetClientRect
SetWindowPos
ShowWindow
GetWindowRect
EndPaint
GetSystemMetrics
SendMessageA
BeginPaint
GetMessageW
PostQuitMessage
FillRect
MessageBoxA
RegisterClassExW
DispatchMessageW
RedrawWindow
DefWindowProcW
LoadIconW
CreateWindowExW
gdi32
DeleteObject
SetTextColor
SetBkMode
CreateSolidBrush
advapi32
CryptHashData
CryptDestroyHash
CryptImportKey
CryptCreateHash
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
CryptDestroyKey
CloseServiceHandle
CryptEncrypt
CryptGetHashParam
crypt32
CertEnumCertificatesInStore
CertFreeCertificateChain
CertGetCertificateChain
CryptDecodeObjectEx
CertAddCertificateContextToStore
CryptStringToBinaryA
PFXImportCertStore
CertCreateCertificateChainEngine
CertOpenStore
CertFindCertificateInStore
CertCloseStore
CertFindExtension
CryptQueryObject
CertFreeCertificateContext
CertFreeCertificateChainEngine
wldap32
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord45
ord60
ord22
ord211
ord217
ord143
ord50
ord26
ws2_32
closesocket
send
WSAGetLastError
WSACleanup
WSAStartup
recv
ntohs
getsockname
getpeername
WSASetLastError
getsockopt
setsockopt
connect
WSAIoctl
bind
htons
socket
inet_ntoa
htonl
gethostbyname
inet_addr
getservbyname
gethostbyaddr
getservbyport
accept
listen
sendto
recvfrom
__WSAFDIsSet
ioctlsocket
gethostname
ntohl
select
Sections
.text Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ