c61f12507e3b91422d9b607d32b5dcb0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c61f12507e3b91422d9b607d32b5dcb0N.exe
Size

2.0MB
MD5

c61f12507e3b91422d9b607d32b5dcb0
SHA1

c820a147c6016ed684651bde54e7b72273c56179
SHA256

f1149745faebc21467fe8dd782d1da9e0c241aeb6b4a415f564159761b89ab4a
SHA512

a6b9147d49511348f3c1c3117c0328a90f51b75907ce79cc2235703d4da25148d4ffe36c5ccea8f828d910a7945099d6188eee45dc32f1b1ff8b564f899e03de
SSDEEP

49152:Vn2WXcPmlq0EYd2fCErUQgsvORK+DtTN3ARkbueKK:dlq0EYd2bIQgsvOA+L3ASbcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c61f12507e3b91422d9b607d32b5dcb0N.exe

Files

c61f12507e3b91422d9b607d32b5dcb0N.exe
.exe windows:5 windows x86 arch:x86

483cf7b4eb96a78d6c3b4b92d2c00e10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
WaitForSingleObject
TerminateThread
ResetEvent
DebugBreak
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
OpenProcess
WriteProcessMemory
ReadProcessMemory
VirtualFree
SetLastError
lstrcmpiA
GetWindowsDirectoryA
ExitThread
CreateThread
WaitForMultipleObjects
SetThreadPriority
GetCurrentDirectoryA
SetCurrentDirectoryA
GetVersionExA
GetSystemDirectoryA
FreeLibrary
HeapCreate
HeapDestroy
CreateMutexA
CreateDirectoryA
DeleteFileA
GetModuleFileNameA
GetCurrentProcess
GetTickCount
TerminateProcess
ExpandEnvironmentStringsA
LoadLibraryA
DuplicateHandle
GetSystemInfo
ReleaseSemaphore
GetThreadPriority
CreateSemaphoreA
CreateFileW
GetProcessHeap
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
WriteConsoleW
FlushFileBuffers
SetStdHandle
LoadLibraryW
InterlockedExchange
CreateEventA
FatalAppExitA
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
GetModuleFileNameW
HeapSize
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
RaiseException
ExitProcess
GetModuleHandleW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetCurrentThreadId
DecodePointer
EncodePointer
LocalFree
OutputDebugStringA
QueryPerformanceFrequency
FormatMessageA
QueryPerformanceCounter
FileTimeToLocalFileTime
GetFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
HeapFree
HeapAlloc
HeapCompact
FreeResource
SizeofResource
LockResource
LoadResource
VirtualQuery
FindResourceA
MultiByteToWideChar
Sleep
WriteFile
GetLastError
GetProcAddress
GetModuleHandleA
GetFileSize
GetFileAttributesA
CloseHandle
CreateFileA
SetFilePointer
ReadFile
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
SetConsoleCtrlHandler
EnterCriticalSection

user32

PostThreadMessageA
MsgWaitForMultipleObjects
GetQueueStatus
GetDlgItemTextA
GetDlgItem
EndDialog
SetDlgItemTextA
wvsprintfA
CreateWindowExA
SendMessageA
DestroyWindow
LoadStringA
GetDC
wsprintfA
SetRect
GetClientRect
InvalidateRect
ShowCursor
GetMonitorInfoA
EnumDisplaySettingsExA
EnumDisplayMonitors
ReleaseCapture
DefWindowProcA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetCapture
GetParent
DialogBoxParamA
RegisterClassExA
LoadCursorA
LoadIconA
GetMessageA
KillTimer
SetTimer
RegisterWindowMessageA
LoadAcceleratorsA
GetLastActivePopup
SetForegroundWindow
IsIconic
SetWindowTextA
SetClassLongA
SetCursor
LoadImageA
GetAsyncKeyState
MessageBoxA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
PostQuitMessage
PeekMessageA
PostMessageA
SystemParametersInfoA
GetDesktopWindow
GetWindow
GetClassNameA
GetTopWindow
ClientToScreen
ScreenToClient
SetCursorPos
GetCursorPos
EnumDisplaySettingsA
GetSystemMetrics
SetFocus
BringWindowToTop
UpdateWindow
GetWindowLongA
GetForegroundWindow
ShowWindow
SetWindowLongA
ChangeDisplaySettingsExA
MonitorFromWindow
IsZoomed
GetWindowRect
GetWindowThreadProcessId
FindWindowExA
FindWindowA
SetWindowPlacement
EnumWindows
SetWindowPos
GetWindowPlacement
IsWindowVisible
SetCapture

gdi32

GetTextMetricsA
SelectObject
CreateFontA
GetGlyphOutlineW
DeleteObject
DeleteDC
EnumFontFamiliesExA
GetCharWidth32A
AddFontMemResourceEx
CreateCompatibleDC
RemoveFontMemResourceEx

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoFreeUnusedLibraries

imagehlp

MakeSureDirectoryPathExists

ddraw

DirectDrawCreateEx

dsound

ord1

winmm

timeGetTime
joyGetDevCapsA
joyGetPosEx
joyGetNumDevs
timeEndPeriod
timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetDevCaps

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

483cf7b4eb96a78d6c3b4b92d2c00e10

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

imagehlp

ddraw

dsound

winmm

version

d3d9

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 339KB - Virtual size: 339KB

.data Size: 29KB - Virtual size: 252KB

.rsrc Size: 292KB - Virtual size: 292KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 339KB - Virtual size: 339KB

.data
Size: 29KB - Virtual size: 252KB

.rsrc
Size: 292KB - Virtual size: 292KB