WMPDMC.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 14c5d11e5e2647383ba9b3ba2c2aec00N.exe
Resource: win10v2004-20240802-en
General
Target: 14c5d11e5e2647383ba9b3ba2c2aec00N.exe
Size: 2.0MB
MD5: 14c5d11e5e2647383ba9b3ba2c2aec00
SHA1: 615564e5aa5d69e7751341804ac3115515953366
SHA256: b30459691c7fa3000aa4814b43509ffc029fa62c97b32267d6e395c2ca41562b
SHA512: 73a97ba39c688377a8104b9eed6bfa66c12128ab77463708cce1d24258e9b751beb19d37d87319966b33eb7d2c25c6c33df0d118dd16ff707dd133947eeda63c
SSDEEP: 49152:F+rdTGFeO22UF3weJrnCuD9HVUKYPyXZU7Y1D1z3bD:YcdKvJr19HVUPqUy1z3
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 14c5d11e5e2647383ba9b3ba2c2aec00N.exe
Files
14c5d11e5e2647383ba9b3ba2c2aec00N.exe.exe windows:10 windows x64 arch:x64
Import hash: 4104cf876c2e2570afb2ff65c56dd170
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
advapi32
EventWriteTransfer
TraceMessage
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
EventRegister
EventUnregister
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
TraceEvent
kernel32
GetCurrentThreadId
HeapSetInformation
RegisterApplicationRestart
GlobalLock
WakeAllConditionVariable
MultiByteToWideChar
GetModuleHandleW
LoadLibraryExW
CreateMutexW
LocalFree
FormatMessageW
FreeLibrary
SetErrorMode
GlobalFree
GlobalAlloc
WaitForMultipleObjects
OutputDebugStringA
QueryActCtxW
GetModuleHandleExW
GetModuleFileNameW
CreateActCtxW
FindActCtxSectionStringW
ActivateActCtx
GetProcAddress
SetLastError
LoadLibraryW
DeactivateActCtx
lstrcmpiW
ResetEvent
PowerSetRequest
PowerCreateRequest
CreateThread
GetCurrentProcess
DuplicateHandle
Sleep
SetEvent
CompareStringOrdinal
OpenEventW
CreateEventW
PowerClearRequest
FindResourceExW
LoadResource
LockResource
SizeofResource
GetTickCount
TryEnterCriticalSection
GetLastError
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
LeaveCriticalSection
DelayLoadFailureHook
ResolveDelayLoadedAPI
EnterCriticalSection
DebugBreak
IsDebuggerPresent
VirtualQuery
GlobalUnlock
WaitForSingleObjectEx
ReleaseSemaphore
UnmapViewOfFile
MapViewOfFile
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetModuleFileNameA
VirtualQueryEx
SetThreadPreferredUILanguages
InitOnceExecuteOnce
GetThreadPreferredUILanguages
InitializeCriticalSectionEx
LCIDToLocaleName
GetTickCount64
QueryPerformanceFrequency
LocalAlloc
InitializeCriticalSectionAndSpinCount
CreateEventExW
AcquireSRWLockShared
ReleaseSRWLockShared
InitializeSRWLock
TlsSetValue
TlsFree
TlsAlloc
GetVersion
GetSystemDirectoryW
FindAtomW
SetProcessWorkingSetSizeEx
GetLocaleInfoW
GetUserDefaultUILanguage
GetThreadUILanguage
GetThreadLocale
FreeLibraryAndExitThread
GetAtomNameW
DeleteAtom
AddAtomW
TlsGetValue
RegGetValueW
GetDateFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDurationFormatEx
FindResourceW
GetVersionExW
lstrlenA
lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
CompareStringW
HeapDestroy
HeapReAlloc
HeapSize
ReleaseActCtx
MulDiv
CreateSemaphoreW
SleepConditionVariableSRW
gdi32
GetPixel
DeleteEnhMetaFile
CreateRectRgn
GetClipRgn
IntersectClipRect
SelectClipRgn
GetLayout
SetTextAlign
GetTextAlign
GetCurrentObject
SetTextColor
SetBkColor
SetBkMode
PatBlt
StretchDIBits
GetStockObject
SetDCBrushColor
CreateSolidBrush
SetStretchBltMode
PlayEnhMetaFile
GdiGradientFill
ExtTextOutW
GetTextColor
GdiTransparentBlt
SetPixel
CreatePatternBrush
GetTextExtentPoint32W
CreateHalftonePalette
SelectPalette
RealizePalette
GetBrushOrgEx
SetBrushOrgEx
GetDIBits
GetBkMode
OffsetWindowOrgEx
SetWindowOrgEx
RectVisible
GetRegionData
ExtCreateRegion
CombineRgn
OffsetRgn
GetRgnBox
CreateFontIndirectW
CreateDIBPatternBrushPt
SetLayout
LPtoDP
GetBkColor
GetTextMetricsW
GetDCBrushColor
GetTextExtentPointW
StretchBlt
CreateBitmap
CreateCompatibleBitmap
GetDeviceCaps
Polyline
CreatePen
DeleteDC
GdiAlphaBlend
DeleteObject
GetObjectW
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
user32
MoveWindow
GetDpiForWindow
LoadStringW
SetScrollInfo
GetScrollInfo
EnableWindow
RedrawWindow
SetWindowsHookExW
GetWindowRgnBox
UpdateWindow
GetClassLongW
SetParent
CallWindowProcW
GetPropW
GetAncestor
IsChild
UnregisterPowerSettingNotification
GetFocus
SetFocus
RegisterWindowMessageW
IsProcessDPIAware
UnhookWindowsHookEx
CallNextHookEx
RemovePropW
SetPropW
GetActiveWindow
GetDC
EnumChildWindows
MonitorFromWindow
SetWindowLongW
DrawFocusRect
DrawIconEx
GetKeyNameTextW
MapVirtualKeyW
SubtractRect
GetKeyState
UnionRect
SetWindowRgn
IsCharAlphaNumericW
DrawFrameControl
InflateRect
DrawTextW
IntersectRect
NotifyWinEvent
GetGUIThreadInfo
CreateIconIndirect
DestroyIcon
GetIconInfo
SetRect
GetWindowTextLengthW
GetWindowTextW
CharUpperW
CharUpperA
UnregisterClassA
ReleaseDC
RegisterClipboardFormatW
GetDoubleClickTime
GetCursorPos
FillRect
GetSysColorBrush
FrameRect
GetSysColor
SetRectEmpty
PostMessageW
SetCursor
LoadCursorW
ClientToScreen
SetTimer
KillTimer
GetWindowRect
PtInRect
IsWindow
PostThreadMessageW
GetSystemMetrics
IsRectEmpty
LoadImageW
CreateWindowExW
RegisterClassExW
DefWindowProcW
GetClassInfoExW
TranslateAcceleratorW
PeekMessageW
LoadAcceleratorsW
ChangeWindowMessageFilterEx
SetProcessDPIAware
SendMessageTimeoutW
FindWindowW
CharNextW
IsIconic
GetClassNameW
GetDesktopWindow
GetWindowThreadProcessId
IsWindowVisible
GetWindow
SystemParametersInfoW
SetWindowLongPtrW
GetWindowLongPtrW
MapWindowPoints
PostQuitMessage
DestroyWindow
GetParent
SetWindowPos
GetWindowLongW
AdjustWindowRectEx
GetClientRect
GetMonitorInfoW
MonitorFromRect
BringWindowToTop
mouse_event
GetForegroundWindow
SetForegroundWindow
SetWindowTextW
DispatchMessageW
TranslateMessage
IsDialogMessageW
SendMessageW
ShowWindow
CreateDialogParamW
DestroyMenu
TrackPopupMenu
GetSubMenu
EnableMenuItem
LoadMenuW
ScreenToClient
CopyRect
EqualRect
InvalidateRect
OffsetRect
msvcrt
_cexit
memmove
memcpy
memcmp
floorf
floor
_exit
expf
cosf
ceilf
_vsnwprintf
iswspace
iswdigit
wcspbrk
iswalpha
wcschr
wcsstr
wcsspn
_wcsnicmp
_wtol
wcsncmp
_wcstoui64
_wcsicmp
wcstol
_wcsdup
qsort
wcstok_s
_vsnprintf
_isnan
_snwscanf_s
_wtof
iswalnum
swprintf_s
strncpy_s
strnlen
_CxxThrowException
wcscmp
realloc
_errno
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_commode
_fmode
exit
__set_app_type
__wgetmainargs
_amsg_exit
_wcmdln
_initterm
memset
powf
sin
sqrt
_XcptFilter
_callnewh
wcsncpy_s
vswprintf_s
_vscwprintf
calloc
memmove_s
memcpy_s
free
malloc
__C_specific_handler
_purecall
__CxxFrameHandler3
__setusermatherr
ntdll
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
oleaut32
SafeArrayGetVartype
SafeArrayGetDim
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
VariantInit
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
VarUI4FromStr
VarBstrCmp
VariantCopy
SysFreeString
VariantClear
ole32
OleUninitialize
CoTaskMemRealloc
CreateStreamOnHGlobal
RevokeDragDrop
CoDisconnectObject
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CoWaitForMultipleHandles
CoUninitialize
CoInitializeEx
PropVariantClear
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
CLSIDFromString
RegisterDragDrop
CoGetApartmentType
OleInitialize
gdiplus
GdipCreateImageAttributes
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipSetImageAttributesWrapMode
GdipDrawImageRectRectI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
uxtheme
BufferedPaintInit
CloseThemeData
OpenThemeData
GetThemeMargins
GetThemeFont
GetThemeColor
GetThemeMetric
GetThemeAppProperties
GetThemePartSize
DrawThemeTextEx
ord47
EndBufferedPaint
BufferedPaintClear
GetBufferedPaintBits
BeginBufferedPaint
GetThemeAnimationProperty
GetThemeBackgroundExtent
GetThemeAnimationTransform
BufferedPaintUnInit
IsAppThemed
wmpdui
InvalidateLayeredDescendants
LookupGadgetTicket
GetStdColorBrushI
GetStdColorI
GetDUserModule
FindStdColor
InitGadgets
DUserFlushMessages
DUserFlushDeferredMessages
SetWindowResizeFlag
GadgetTransCompositionChanged
SetGadgetBufferInfo
GetGadget
AttachWndProcW
ForwardGadgetMessage
DetachWndProc
GetGadgetRgn
CreateAction
EnsureGadgetTransInitialized
GetGadgetLayerInfo
DetachGadgetVisuals
SetGadgetRootInfo
ReleaseDetachedObjects
ReleaseLayeredRef
AddLayeredRef
SetGadgetFlags
GetGadgetVisual
SetGadgetOrder
SetTransitionVisualProperties
DestroyPendingDCVisuals
ChangeCurrentAnimationScenario
GetGadgetRootInfo
GetCachedDWriteRenderTarget
CacheDWriteRenderTarget
ReleaseMouseCapture
AdjustClipInsideRef
DUserStopPVLAnimation
UtilDrawBlendRect
GetGadgetFlags
MapGadgetPoints
GetGadgetTicket
FindGadgetFromPoint
CustomGadgetHitTestQuery
GetGadgetStyle
SetGadgetFocusEx
GetGadgetAnimation
GetGadgetSize
BuildAnimation
BuildInterpolation
SetGadgetFocus
GetGadgetFocus
GetGadgetRect
DUserPostEvent
DUserSendEvent
CreateGadget
DeleteHandle
InvalidateGadget
SetGadgetRect
SetGadgetMessageFilter
SetGadgetStyle
GetMessageExW
DisableContainerHwnd
SetGadgetParent
SetGadgetLayerInfo
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoGetActivationFactory
api-ms-win-core-winrt-string-l1-1-0
WindowsCompareStringOrdinal
WindowsCreateStringReference
WindowsIsStringEmpty
WindowsDeleteString
WindowsCreateString
WindowsGetStringLen
WindowsDuplicateString
WindowsGetStringRawBuffer
api-ms-win-core-winrt-error-l1-1-0
RoTransformError
RoOriginateError
api-ms-win-core-path-l1-1-0
PathCchAppend
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
GetRoleTextW
ObjectFromLresult
dwmapi
DwmRenderGesture
DwmTetherContact
DwmIsCompositionEnabled
windowscodecs
WICCreateImagingFactory_Proxy
api-ms-win-shcore-scaling-l1-1-0
GetScaleFactorForDevice
RevokeScaleChangeNotifications
RegisterScaleChangeNotifications
api-ms-win-shcore-scaling-l1-1-1
GetScaleFactorForMonitor
Sections
.text Size: 933KB - Virtual size: 932KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 214KB - Virtual size: 214KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 588KB - Virtual size: 592KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE