a86eb8983235269384e39bfc9421c820N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a86eb8983235269384e39bfc9421c820N.exe
Size

3.7MB
MD5

a86eb8983235269384e39bfc9421c820
SHA1

cdea391ff76958bdf5ad0f714e5016a46070d512
SHA256

80ecd30aa297993ed1a9023e654a52e3a1a36d4d3223d4eb1891df7117bc06cf
SHA512

236ddc2b09baa1a2f330969a49dd08e1aceded532d9d5ff87944f2477f2d3711b7be8feda30f0b605fb4239387020fb354a1948ffd9e3dba7aaaa0fb72ae66b1
SSDEEP

98304:40A+zbYBDXK4nr9Xf7VpmAKkrw63fL04nCwOxe56:40ednnxXTj72wpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a86eb8983235269384e39bfc9421c820N.exe

Files

a86eb8983235269384e39bfc9421c820N.exe
.exe windows:5 windows x86 arch:x86

de60bbb12fc791ed7212708ef5e82f7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW

kernel32

GetLocaleInfoW
GetLocalTime
GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetUserDefaultLangID
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrlenA
lstrlenW
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OutputDebugStringW
GetLastError
RaiseException
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetFileTime
GetModuleHandleA
RtlUnwind
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FormatMessageW
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
CompareFileTime
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetTimeZoneInformation
GetSystemDefaultLCID
lstrcpyW
QueryPerformanceCounter
LCMapStringW

user32

OemToCharBuffA
MsgWaitForMultipleObjects
MessageBeep
MapWindowPoints
LoadIconW
LoadCursorW
KillTimer
IsWindowEnabled
IsRectEmpty
IsChild
InvalidateRect
IntersectRect
InsertMenuW
OffsetRect
GetWindowThreadProcessId
GetWindowRect
GetWindowLongW
GetSystemMenu
GetNextDlgTabItem
GetMenuItemInfoW
OpenClipboard
PeekMessageW
PostMessageW
RedrawWindow
GetSysColor
MessageBoxA
GetFocus
CharLowerA
CharPrevW
CharToOemBuffA
GetMenuItemID
GetMenuItemCount
RegisterWindowMessageW
RemoveMenu
SendMessageTimeoutW
SendMessageW
SetClipboardData
SetCursor
SetForegroundWindow
SetRectEmpty
SetTimer
ShowWindow
SystemParametersInfoW
TranslateMessage
UpdateWindow
InflateRect
GetKeyState
GetForegroundWindow
GetDlgItem
GetClientRect
GetClassNameW
GetClassInfoW
FrameRect
FindWindowExW
EnableWindow
EmptyClipboard
DispatchMessageW
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
CreateMenu
CopyRect
CloseClipboard
CharUpperW
CharUpperA

gdi32

SetBrushOrgEx
ExtTextOutW
GetObjectW
GetStockObject
LineTo
MoveToEx
SelectObject
CreatePatternBrush
CreateSolidBrush
DeleteObject
SetBkColor

advapi32

GetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AddAccessAllowedAce
AddAce
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetAclInformation
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSidLengthRequired
GetSidSubAuthority
GetTokenInformation
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
MakeAbsoluteSD
MakeSelfRelativeSD
MapGenericMask
OpenProcessToken
OpenThreadToken

shell32

ShellExecuteExW
StrCmpNIW
SHGetFileInfoW

ole32

OleRun
CreateBindCtx
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit

shlwapi

PathIsURLW
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
PathRemoveFileSpecW
PathIsRelativeW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathAppendW
PathSkipRootW
PathStripToRootW
PathIsRootW
StrToIntW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss2
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de60bbb12fc791ed7212708ef5e82f7b

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 144KB - Virtual size: 141KB

.bss2 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 144KB - Virtual size: 141KB

.bss2
Size: 1.2MB - Virtual size: 1.2MB