d24df888ed954e52bb5f63417d6b8a70N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

d24df888ed954e52bb5f63417d6b8a70N.exe
Size

228KB
MD5

d24df888ed954e52bb5f63417d6b8a70
SHA1

25437d4ce0a4aa376a0c1c144478db95c38d0dd4
SHA256

39ef0d4ea7e1245525c11800a122130fda53928bd5647738a10e3b33790f5324
SHA512

d18a2170ed86ba1d225198878e7a245249121f37baaf564965a4a3eb407a0f1a0f1d3e2ff65360aca00933c815d14b870c24848037a36840236c91d8cad87f32
SSDEEP

6144:QHeW7fdEEQv5m5EtM4hRJ+5k3OklSBVkpmjm6j:QHeMdEVRDM4hrTZrGm+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d24df888ed954e52bb5f63417d6b8a70N.exe

Files

d24df888ed954e52bb5f63417d6b8a70N.exe
.exe windows:4 windows x86 arch:x86

22bf50efed00fe899acc365f81f89e50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
lstrcpyA
SetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetCurrentDirectoryA
lstrcmpA
WritePrivateProfileStringA
GetLastError
GetPrivateProfileStringA
GetFileTime
CopyFileA
GetVersionExA
MoveFileExA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcatA
GetWindowsDirectoryA
CreateProcessA
OpenProcess
GetCurrentProcessId
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
WaitForSingleObject
GetProcAddress
FreeLibrary
LoadLibraryExA
LoadLibraryA
GetModuleHandleA
SetThreadPriority
ResumeThread
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
WriteFile
GetFileSize
ResetEvent
Sleep
lstrcpynA
SetFileAttributesA
GetFileAttributesA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
SetConsoleCtrlHandler
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
SetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
OpenEventA
ReadFile
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
CloseHandle
CreateFileA
RemoveDirectoryA
lstrlenA
CreateDirectoryA
MoveFileA
SetEvent
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FatalAppExitA
HeapSize
HeapReAlloc
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
HeapAlloc
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree

user32

DestroyWindow
DialogBoxParamA
BeginPaint
EndPaint
PostMessageA
PostQuitMessage
LoadImageA
GetDlgItem
EnableWindow
SetWindowPos
DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
CreateWindowExA
RegisterClassExA
ShowWindow
EndDialog
LoadIconA
SendMessageA
GetSystemMetrics
DefWindowProcA
LoadCursorA
LoadMenuA
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
wsprintfA
SetWindowTextA
IsDialogMessageA
GetWindowLongA
SetWindowLongA
GetDesktopWindow
GetWindowRect
OffsetRect

gdi32

RemoveFontResourceA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

ole32

CoUninitialize
CoInitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22bf50efed00fe899acc365f81f89e50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 84KB - Virtual size: 84KB