73dfa9f6be1da3d55ec69af4ff55e950N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

73dfa9f6be1da3d55ec69af4ff55e950N.exe
Size

3.6MB
MD5

73dfa9f6be1da3d55ec69af4ff55e950
SHA1

12b39713da12c7638a465b2dbd0b08e670fe93ce
SHA256

2f2ba21d06ff341a2f70a9afa89ad487e8f954cea243df986015c0d9c6e1f16b
SHA512

02eea2d67de02d92070cc39067e04175413dfb94827ee9c6aaf9de14506cf81ddd8f2f04d058429fa5022a960441ea88a38688315ea45483a6a411e463023d81
SSDEEP

98304:wxnXd0+y9lQ8Uj0zCYvJohlJhsacQr8bSk:wxXTClQjj0WYvqh6F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73dfa9f6be1da3d55ec69af4ff55e950N.exe

Files

73dfa9f6be1da3d55ec69af4ff55e950N.exe
.exe windows:5 windows x86 arch:x86

8074c7be3714b4268f99be5c4c70767e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW

kernel32

GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetUserDefaultLangID
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrlenA
lstrlenW
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
GetLocalTime
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetLocaleInfoW
GetLastError
GetFileTime
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FormatMessageW
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
CompareFileTime
CloseHandle
CallNamedPipeW
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetTimeZoneInformation
GetSystemDefaultLCID
lstrcpyW
RaiseException
LCMapStringW

user32

OemToCharBuffA
MsgWaitForMultipleObjects
MessageBeep
MapWindowPoints
LoadIconW
LoadCursorW
KillTimer
IsWindowEnabled
IsRectEmpty
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InflateRect
OffsetRect
GetWindowRect
GetWindowLongW
GetSystemMenu
GetNextDlgTabItem
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
OpenClipboard
PeekMessageW
PostMessageW
RedrawWindow
GetSysColor
GetFocus
MessageBoxA
AppendMenuW
AttachThreadInput
CharLowerA
GetKeyState
GetForegroundWindow
RegisterWindowMessageW
RemoveMenu
SendMessageTimeoutW
SendMessageW
SetClipboardData
SetCursor
SetForegroundWindow
SetRectEmpty
SetTimer
ShowWindow
SystemParametersInfoW
TranslateMessage
UpdateWindow
GetWindowThreadProcessId
GetDlgItem
GetClientRect
GetClassNameW
GetClassInfoW
FrameRect
FindWindowExW
EnableWindow
EmptyClipboard
DispatchMessageW
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
CreateMenu
CopyRect
CloseClipboard
CharUpperW
CharUpperA
CharToOemBuffA
CharPrevW

gdi32

SetBrushOrgEx
SetBkColor
SelectObject
BitBlt
DeleteObject
ExtTextOutW
GetObjectW
GetStockObject
LineTo
MoveToEx
CreateCompatibleDC
CreatePatternBrush
CreateSolidBrush
CreateCompatibleBitmap

advapi32

GetSecurityDescriptorLength
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
MapGenericMask
AccessCheck
AddAccessAllowedAce
AddAce
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetAclInformation
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSidLengthRequired
GetSidSubAuthority
GetTokenInformation
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
MakeAbsoluteSD
MakeSelfRelativeSD

shell32

ShellExecuteExW
StrCmpNIW
SHGetFileInfoW

ole32

OleRun
CreateBindCtx
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantInit

shlwapi

PathIsURLW
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
PathRemoveFileSpecW
PathIsRelativeW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathAppendW
PathSkipRootW
PathStripToRootW
PathIsRootW
StrToIntW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_vga_2
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8074c7be3714b4268f99be5c4c70767e

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 60KB - Virtual size: 56KB

_vga_2 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 60KB - Virtual size: 56KB

_vga_2
Size: 1.2MB - Virtual size: 1.2MB