9d098db3e09509230f98206c37407020N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9d098db3e09509230f98206c37407020N.exe
Size

363KB
MD5

9d098db3e09509230f98206c37407020
SHA1

3addbc8b47583d9380fb661c007c33b6e6ad6f19
SHA256

d13c4a9f1f8372e6d0c457c793e70b7f01292a6d11b95e5a4d65f11f13099a1e
SHA512

a18390aa334fe4e918cc383df50385511deb1ea03d0b358ca1e5cc72055f124adcbcf47f922e7aef4358098cd3df29e4d9943528b68465ffcd8e6fbcc7736771
SSDEEP

3072:KSoBaQLrLv5FJWUg8LU0bTTU1G5Qv530erlGgsLD3OdC/Bev0C9z4Al0VDl:KpBP/L4v8LJYc5S06oNLD39/xefqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d098db3e09509230f98206c37407020N.exe

Files

9d098db3e09509230f98206c37407020N.exe
.exe windows:5 windows x86 arch:x86

129ee856bce6e25105abea852acada54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vmagent_new\bin\joblist\273958\out\Release\360ZipPdfView.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup

kernel32

LoadLibraryExW
GetModuleHandleW
InitializeCriticalSection
LoadLibraryW
LeaveCriticalSection
GetModuleFileNameW
CreateFileW
GetLastError
GetProcAddress
EnterCriticalSection
DeviceIoControl
DeleteCriticalSection
CloseHandle
GetCurrentProcessId
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
FreeLibrary
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCurrentProcess
TerminateProcess
LocalFree
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
VirtualAlloc
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
WriteConsoleA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
CreateFileA
SystemTimeToFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
SetFilePointerEx
WriteFile
ReadFile
GetFileSizeEx
SetLastError
CreateMutexW
TlsGetValue
WaitForSingleObject
OutputDebugStringW
TlsSetValue
HeapUnlock
OpenThread
HeapLock
HeapWalk
GetCurrentThreadId
ReleaseMutex
TlsAlloc
TlsFree
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedIncrement
InterlockedDecrement
Sleep
ExitProcess
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA

user32

LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateMessage
BeginPaint
DispatchMessageW
PostMessageW
EndDialog
PostQuitMessage
EndPaint
LoadIconW
DefWindowProcW
DestroyWindow
DialogBoxParamW
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
TranslateAcceleratorW

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW

shell32

CommandLineToArgvW

ole32

CoUninitialize
CoInitialize

shlwapi

PathFileExistsW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

129ee856bce6e25105abea852acada54

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

kernel32

user32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 164KB - Virtual size: 164KB

.reloc Size: 72KB - Virtual size: 72KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 164KB - Virtual size: 164KB

.reloc
Size: 72KB - Virtual size: 72KB