c369987a2e3a63fb9946a643415c5000N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c369987a2e3a63fb9946a643415c5000N.exe
Size

6.5MB
MD5

c369987a2e3a63fb9946a643415c5000
SHA1

3947e9bb8458522363c89d3acdf4d725d76fdcd0
SHA256

ec532e9059279268910a245d472b3077739926bb3511240bf68cbb2982f76329
SHA512

e4fc7cd21b893e2c166743f51ad7b3a0c981a880e7e496a52b7daf58efc7e383f3ce2ced48453a29f5ce347906dbcc3fbc6e6734001d2b40ee0b32ac72644acd
SSDEEP

196608:nJDsAORdctWWxFk/bC8PE98HXxIKYnrchg6tS5Eq6K8ClZumwu/Yo:nWdXgk/bNPEeKKgchg64Oq6Btxg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c369987a2e3a63fb9946a643415c5000N.exe

Files

c369987a2e3a63fb9946a643415c5000N.exe
.dll windows:6 windows x86 arch:x86

64f3f068a384e56319300c5a48f423f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
CloseHandle
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
DeleteFileA
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
LocalFree
OpenFileMappingA
GetThreadTimes
FindNextFileA
CreatePipe
GetLocalTime
FlushFileBuffers
GetSystemDirectoryA
IsProcessorFeaturePresent
GetWindowsDirectoryA
ExpandEnvironmentStringsA
WaitForSingleObject
GetModuleHandleExW
InitializeSListHead
GetCommState
SetDllDirectoryW
GetCPInfo
GlobalMemoryStatus
UnmapViewOfFile
GetLocaleInfoA
TlsGetValue
DeleteCriticalSection
ResetEvent
MultiByteToWideChar
GetModuleFileNameW
Beep
Sleep
GetLocaleInfoW
GetProcessTimes
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetCurrentProcess
VirtualQuery
GetCurrentProcessId
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetStringTypeW
GetLastError
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetCurrentThreadId
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress

user32

GetCaretBlinkTime
GetMessageA
DestroyAcceleratorTable
MapDialogRect
SetFocus
WaitMessage
GetCapture
CreateDialogIndirectParamA
OffsetRect
GetKeyboardLayout
SetRect
SetClassLongA
DefWindowProcA
GetSysColor
EnableScrollBar
AppendMenuA
CheckRadioButton
DrawFrameControl
ValidateRect
CopyRect
GetMessageTime
SetTimer
PostQuitMessage
GetParent
GetClientRect
GetDC
DrawFocusRect
GetWindowTextA
UnregisterClassA
GetDlgItem
ScrollWindow
DestroyCursor
GetDesktopWindow
DrawMenuBar

gdi32

MoveToEx
SetLayout
TranslateCharsetInfo
LineTo
GetCharacterPlacementW
DeleteDC
CreateFontIndirectA
SetDIBColorTable
GetRgnBox
SetPixel
GetPaletteEntries
CreateCompatibleDC
PolyPolyline
SelectPalette
GetCharABCWidthsW
SetStretchBltMode
CreatePatternBrush
RoundRect
IntersectClipRect
GetPixel
EndDoc
StretchBlt
GetEnhMetaFileHeader
CreateRectRgnIndirect
GetTextExtentPointW
GetNearestPaletteIndex
CloseEnhMetaFile
DeleteObject

advapi32

AllocateAndInitializeSid
RegQueryValueExW
OpenProcessToken
AdjustTokenPrivileges

ole32

CoTaskMemFree

Sections

.text
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64f3f068a384e56319300c5a48f423f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 558KB - Virtual size: 558KB

.data Size: 5.9MB - Virtual size: 5.9MB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 558KB - Virtual size: 558KB

.data
Size: 5.9MB - Virtual size: 5.9MB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB