ce03220fc16de26c66252cfbe9947490N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ce03220fc16de26c66252cfbe9947490N.exe
Size

934KB
MD5

ce03220fc16de26c66252cfbe9947490
SHA1

1bf0cb1df9d4ba497aeeaaa6bb094dd7a11f8c6e
SHA256

dff9351a0341bd50189e5f4dd7f6d2c41185fefb16418690519880895b60fa6a
SHA512

6dae66604de2853656207f8e7e90d27298ac121848ea7184fe99a062ddb545119e9bd51d748430a3b0a43807dc2be6ae656bce7b84feaf98863333b70f3d4859
SSDEEP

24576:2NHGT8jMKkZkbbbbpce8TTw5CFV8LoCe1c4HSj:2FoybbbbpcNTmfeS4yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce03220fc16de26c66252cfbe9947490N.exe

Files

ce03220fc16de26c66252cfbe9947490N.exe
.exe windows:6 windows x86 arch:x86

c79c9e65e4e60813bf705dcff2a90f49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRenameExtensionW
SHAutoComplete
StrFormatByteSizeW
PathRemoveFileSpecW
PathCombineW

kernel32

SearchPathA
SetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
CreateThread
TerminateThread
GetSystemTimeAsFileTime
GetShortPathNameA
MulDiv
lstrcpyW
FileTimeToLocalFileTime
lstrcpynW
FileTimeToSystemTime
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
WriteFile
CloseHandle
FindResourceExW
LockResource
GlobalAlloc
GlobalUnlock
GlobalLock
lstrcmpW
lstrcatW
lstrlenA
lstrlenW
WideCharToMultiByte
GetFileAttributesW
ExpandEnvironmentStringsA
LoadLibraryExA
IsDebuggerPresent
ReadFile
SetEndOfFile
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapAlloc
GetStringTypeW
SetStdHandle
GetCurrentDirectoryW
SetEnvironmentVariableW
GetProcessHeap
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DeleteFileW
GetFileType
LCMapStringW
CompareStringW
GetStdHandle
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
VirtualFree
VirtualAlloc
OutputDebugStringW
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
MultiByteToWideChar
lstrcmpiW
LoadLibraryW
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
DeleteCriticalSection
HeapDestroy
GetLastError
RaiseException
DecodePointer
ReadConsoleW
InitializeCriticalSectionAndSpinCount
HeapSize
HeapFree
FreeEnvironmentStringsW
HeapReAlloc
FlushFileBuffers
WriteConsoleW

user32

SetCursor
UnregisterClassW
DefWindowProcW
DestroyWindow
CharNextW
TrackMouseEvent
GetMessageW
GetMonitorInfoW
MonitorFromWindow
LoadIconW
GetWindow
GetDlgCtrlID
SetDlgItemTextW
SetFocus
MessageBoxW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LoadImageW
GetDesktopWindow
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetClientRect
InvalidateRect
EnableWindow
CallWindowProcW
LoadCursorW
GetParent
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ReleaseDC
GetDialogBaseUnits
GetDlgItem
PostMessageW
SendMessageW
RegisterWindowMessageW
EnumDisplaySettingsW
ChangeDisplaySettingsW
SetWindowLongW
GetWindowLongW
ShowCursor
AdjustWindowRect
GetWindowRect
GetDC
SetForegroundWindow
GetActiveWindow
SetWindowPos
ShowWindow
CreateWindowExA
PeekMessageW
DispatchMessageW

gdi32

GetObjectW
Polygon
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetTextMetricsW
SelectObject
GetDeviceCaps
DeleteDC
CreateFontIndirectW
SetDIBitsToDevice
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr
VarI4FromStr
VarR8FromStr
VarDecCmp
VarDecFromStr
VarDateFromStr

comctl32

InitCommonControlsEx
PropertySheetW
CreatePropertySheetPageW
DestroyPropertySheetPage

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c79c9e65e4e60813bf705dcff2a90f49

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 303KB - Virtual size: 303KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 267KB - Virtual size: 266KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 303KB - Virtual size: 303KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 267KB - Virtual size: 266KB

.reloc
Size: 16KB - Virtual size: 16KB