205d366359a27e32591e573e8a59b7a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

205d366359a27e32591e573e8a59b7a0N.exe
Size

416KB
MD5

205d366359a27e32591e573e8a59b7a0
SHA1

f6af3802aae6da488481c70b97c81a815179f440
SHA256

0e0c73d58c619d27e430ab20976f20a0ed7d1b938a607187595ea079b19dd6c6
SHA512

224a3fd55e3a4576b413366fad1d2b4e2f816f47db8e1dae589a55b7809faa663c88dddd47bec4c340a4b85664a00905e95008efcaa922633b8335913da8c9d3
SSDEEP

6144:4xNg+lyusDu65QYAZSoGb82v/SABbwtvJdz4xNg+lyusDu65QYAZSoGb82v/SAB0:WIWN4Y2CAdwp/zWIWN4Y2CAdwp/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
205d366359a27e32591e573e8a59b7a0N.exe

Files

205d366359a27e32591e573e8a59b7a0N.exe
.exe windows:4 windows x86 arch:x86

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
DosDateTimeToFileTime
GetLogicalDriveStringsA
CreateNamedPipeW
GetModuleHandleA
SetCalendarInfoA
MultiByteToWideChar
GetVersionExA
TlsAlloc

user32

GetClassNameA
GetMenuItemInfoW
GetTopWindow
GetDlgItem
SetDlgItemTextW
SetActiveWindow
CloseWindow
LoadMenuA
IsWindow
GetWindowRect
UnregisterClassW
DeleteMenu
RegisterClassW
CreateAcceleratorTableA
WinHelpW
CreateWindowExA
CreatePopupMenu
InsertMenuItemA
EnableWindow
CreateDialogIndirectParamW
GetForegroundWindow
SendDlgItemMessageA
CheckMenuItem
ClientToScreen
SendMessageA
wvsprintfA
GetSysColorBrush
InvalidateRgn
MessageBeep
GetScrollPos
InvalidateRect
DefDlgProcA
ActivateKeyboardLayout
TrackPopupMenuEx
GetDCEx
CallWindowProcA
SetWindowRgn

gdi32

CreateEnhMetaFileA
ResetDCA
GetCharWidthW
CreateEnhMetaFileW
GetLayout
PolylineTo
GetColorSpace
GetTextExtentExPointW

advapi32

RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyExW
RegOpenKeyW
RegReplaceKeyA

shlwapi

PathRemoveBackslashA
DllGetVersion
PathBuildRootA
SHDeleteValueW
StrStrNW
PathCommonPrefixW
SHRegSetUSValueW
PathRemoveBlanksA
StrRChrIA
SHCreateStreamOnFileEx
UrlGetLocationA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW

oleaut32

VarI4FromUI1
VarBstrFromR8
VarUI1FromR8
VarUI1FromStr
VarDateFromDisp
VarIdiv
VectorFromBstr

Sections

.FrbNhz
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oMkBIA
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YsUsFU
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kJecJt
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bl
Size: 5KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00f0cb2eb2cf989efbc9c98f144014af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

oleaut32

Sections

.FrbNhz Size: 11KB - Virtual size: 10KB

.oMkBIA Size: 3KB - Virtual size: 26KB

.YsUsFU Size: 2KB - Virtual size: 51KB

.kJecJt Size: 13KB - Virtual size: 12KB

.bl Size: 5KB - Virtual size: 296KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 964B

.FrbNhz
Size: 11KB - Virtual size: 10KB

.oMkBIA
Size: 3KB - Virtual size: 26KB

.YsUsFU
Size: 2KB - Virtual size: 51KB

.kJecJt
Size: 13KB - Virtual size: 12KB

.bl
Size: 5KB - Virtual size: 296KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 964B