a533337d5a7685e8f83fd3a9a8495cc0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a533337d5a7685e8f83fd3a9a8495cc0N.exe
Size

2.9MB
MD5

a533337d5a7685e8f83fd3a9a8495cc0
SHA1

cc9e0a472958101de70fba50c64dbffd7216e683
SHA256

a9a2bd374784987f11389eb8af8812b0fe1f066abf728ef9b1c667b166a969b0
SHA512

83baa9ef3a44ec50227a7b57d3981f87c367a3e56555029ca63d11b103886eb358e400e270ccdfa786b86f663df28d173d5a35965510685c95d790455ed6e826
SSDEEP

49152:WUyoSCvMxEiyiiZkZbhKXdPlZTvpWNJPpKu2sr0rpjQHHVdwMm8/gC:WUyNWiyiiZCb+dPlZcisr0qH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a533337d5a7685e8f83fd3a9a8495cc0N.exe

Files

a533337d5a7685e8f83fd3a9a8495cc0N.exe
.exe windows:6 windows x86 arch:x86

6e52ca4cca5e8c1147b553346b453de8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
WideCharToMultiByte
IsBadReadPtr
VirtualQuery
CreateEventW
SetEvent
ResetEvent
GetSystemTimeAsFileTime
lstrcmpiW
LoadLibraryExW
VirtualProtect
VirtualFree
VirtualAlloc
LoadLibraryA
GetNativeSystemInfo
WriteConsoleW
CreateFileW
FlushFileBuffers
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
GetFileType
SetFilePointerEx
WriteFile
GetStdHandle
GetCommandLineA
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LoadLibraryExA
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
GetSystemInfo
CloseHandle
GlobalFlags
MultiByteToWideChar
GetFileAttributesW
FindClose
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
ExitProcess
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
LeaveCriticalSection
GetCurrentThreadId
GetModuleHandleW
IsDebuggerPresent
TryEnterCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
GetOEMCP
HeapFree

user32

IsRectEmpty
SetCapture
GetClassInfoExW
ReleaseCapture
BeginPaint
EndPaint
DeleteMenu
DestroyAcceleratorTable
GetSysColor
DestroyMenu
TranslateAcceleratorW
PostQuitMessage
GetCursorPos
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
GetMonitorInfoW
ClientToScreen
CopyRect
GetCapture
RegisterClassExW
CharNextW
CallWindowProcW
UnregisterClassW
GetSystemMetrics
MessageBoxW
SendMessageW
ShowWindow
MoveWindow
DestroyWindow
IsWindow
DefWindowProcW
DispatchMessageW
TranslateMessage
GetWindowTextW
GetNextDlgTabItem
IsIconic
GetDlgItem
GetClassNameW
SetFocus
IntersectRect
WinHelpW
SetMenu
IsWindowEnabled
IsChild
GetDlgCtrlID
IsDialogMessageW
FillRect
GetTopWindow
SetWindowRgn
IsWindowVisible
GetFocus
GetSystemMenu
GetLastActivePopup
GetWindowTextLengthW
SetRect
IsZoomed
RedrawWindow
DestroyIcon
EnumWindows
GetMessageW
PeekMessageW
GetWindowLongW
SetWindowTextW
InvalidateRect
SetWindowPos
SetWindowLongW
GetWindowRect
GetParent
ScreenToClient
GetClientRect
UpdateWindow
GetKeyState
SetCursor
GetWindow
EnableWindow
AdjustWindowRectEx
ReleaseDC
GetDC
LoadImageW
GetDesktopWindow
LoadCursorW
LoadIconW
EnumDisplaySettingsW
PostMessageW
CreateWindowExW
LoadStringW
GetActiveWindow
DrawIcon

gdi32

ExtTextOutW
CreateSolidBrush
SetBkColor
GetClipBox
PatBlt
CreateEllipticRgn
CreateRoundRectRgn
CombineRgn
CreateFontIndirectW
CreateRectRgn
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
GdiAlphaBlend
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject
SetStretchBltMode

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

shell32

Shell_NotifyIconW
DragFinish
DragQueryFileW
SHAppBarMessage

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

ws2_32

WSACleanup

gdiplus

GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipCloneImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipSetCompositingMode
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageHeight
GdipGetImagePaletteSize
GdiplusStartup
GdiplusShutdown
GdipBitmapLockBits

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e52ca4cca5e8c1147b553346b453de8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

gdiplus

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 7KB - Virtual size: 11KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 7KB - Virtual size: 11KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 22KB - Virtual size: 22KB