23ae69131a9a46ef53e67106ecb998f43b41914aa07f858f7ac74f9a7498de22[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

23ae69131a9a46ef53e67106ecb998f43b41914aa07f858f7ac74f9a7498de22.exe
Size

18.6MB
MD5

10a0e8dbf074b007d6b96ba09c32fcdb
SHA1

17e3b3e10d60c014201385a2fd5910fc931fe627
SHA256

23ae69131a9a46ef53e67106ecb998f43b41914aa07f858f7ac74f9a7498de22
SHA512

8c6305879350f7060d3e5dc8abc9b8e5b564c2b2b8f6acaacfd2041ccdce0b251b39ee6df1ada97707045f20f321646265059ebea8bde798799ee64892dc89b4
SSDEEP

393216:XZZZMBYP1ov7MPjit1K3QYDez3QzCQSPIaXSz69II65rUVp:/1ov7MPjifK3ivhdS+9Ix5rUVp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23ae69131a9a46ef53e67106ecb998f43b41914aa07f858f7ac74f9a7498de22.exe

Files

23ae69131a9a46ef53e67106ecb998f43b41914aa07f858f7ac74f9a7498de22.exe
.exe windows:6 windows x86 arch:x86

63a5778a34f0b6ebc466975d817d2376

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

CreateEventA
FormatMessageA
CloseHandle
GetSystemTimeAsFileTime
WaitForMultipleObjects
GetCurrentProcess
LoadLibraryExW
WaitForSingleObjectEx
LCMapStringEx
FormatMessageW
SetFilePointer
FindFirstFileExA
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
CreateSemaphoreA
FileTimeToSystemTime
SetEvent
GetSystemDirectoryW
GetProcAddress
GetLocaleInfoEx
SetEndOfFile
DeleteFileA
EncodePointer
LoadLibraryA
HeapSize
TerminateProcess
GlobalMemoryStatus
InitializeCriticalSectionEx
MultiByteToWideChar
LCMapStringW
FlushFileBuffers
GetVersion
GetTickCount64
GetUserDefaultLCID
ExitThread
WriteConsoleW
SetFileTime
CreateFileA
GetProcessAffinityMask
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
IsDebuggerPresent
LeaveCriticalSection
GetVersionExA
GetEnvironmentVariableA
GetCurrentProcessId
GetFileAttributesExW
GetFileSize
GetCurrentDirectoryW
WaitForSingleObject
GetStartupInfoW
QueryPerformanceFrequency
FindFirstFileW
SetCurrentDirectoryA
GetFileSizeEx
GetCPInfo
UnhandledExceptionFilter
FindNextFileW
CreateThread
GetDateFormatW
TlsGetValue
GetModuleHandleA
GetFinalPathNameByHandleW
GetModuleFileNameA
GetFileType
SetFilePointerEx
ReleaseSRWLockExclusive
SetFileAttributesA
GetFullPathNameW
SetCurrentDirectoryW
CreateDirectoryA
GetDriveTypeW
SetUnhandledExceptionFilter
GetFileInformationByHandle
CompareStringW
SetEnvironmentVariableA
GetConsoleMode
GetProcessHeap
CreateFileW
EnterCriticalSection
GetTickCount
GetCurrentDirectoryA
IsValidLocale
RemoveDirectoryA
GetEnvironmentStringsW
GetTimeZoneInformation
lstrlenA
PeekNamedPipe
FreeLibraryAndExitThread
HeapFree
GetModuleHandleW
SleepEx
GetFileAttributesA
TlsSetValue
AreFileApisANSI
InitializeCriticalSection
ReleaseSemaphore
RtlUnwind
SetLastError
GetCurrentThreadId
SetFileAttributesW
DecodePointer
LocalFree
GetFileAttributesW
GetOEMCP
VirtualFree
GetLastError
HeapReAlloc
SetStdHandle
SystemTimeToTzSpecificLocalTime
GetTempPathW
RemoveDirectoryW
MoveFileExW
GetCommandLineW
GetModuleFileNameW
VerifyVersionInfoW
EnumSystemLocalesW
GetStringTypeW
IsValidCodePage
GetACP
WriteFile
InitializeSListHead
FindFirstFileA
HeapAlloc
FreeEnvironmentStringsW
DeleteCriticalSection
TryAcquireSRWLockExclusive
GetSystemInfo
GetConsoleCP
DeleteFileW
lstrcatA
CreateDirectoryW
ReadFile
IsProcessorFeaturePresent
TlsFree
FindNextFileA
GetTimeFormatW
WakeAllConditionVariable
ReadConsoleW
QueryPerformanceCounter
ResetEvent
VirtualAlloc
Sleep
TlsAlloc
GetCommandLineA
AcquireSRWLockExclusive
LoadLibraryW
FindClose
VerSetConditionMask
GetStdHandle
GetTempPathA
FreeLibrary
RaiseException

user32

SetWindowTextW
MessageBoxA
GetDlgItem
wsprintfA
LoadStringW
SendMessageA
ShowWindow
SetWindowLongA
MessageBoxW
DialogBoxParamW
CharUpperW
LoadStringA
KillTimer
CharUpperA
SetWindowTextA
DialogBoxParamA
DestroyWindow
SetTimer
LoadIconA
GetWindowLongA
PostMessageA
EndDialog

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

advapi32

CryptReleaseContext
CryptHashData
CryptEncrypt
CryptCreateHash
CryptImportKey
CryptAcquireContextW
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash

crypt32

CryptDecodeObjectEx
CertOpenStore
CertGetNameStringW
CryptQueryObject
CertGetCertificateChain
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptStringToBinaryW
CertCloseStore
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFindExtension
PFXImportCertStore

wldap32

ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133

ws2_32

gethostname
htons
getsockopt
send
WSAWaitForMultipleEvents
WSACreateEvent
WSAEnumNetworkEvents
WSACloseEvent
freeaddrinfo
getaddrinfo
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
WSAIoctl
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
WSAResetEvent
WSAEventSelect
recvfrom
sendto
getpeername

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63a5778a34f0b6ebc466975d817d2376

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

bcrypt

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 71KB - Virtual size: 71KB

.text
Size: 6.0MB - Virtual size: 6.0MB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 71KB - Virtual size: 71KB