54771441c5c927891fd1411263b97dc0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

54771441c5c927891fd1411263b97dc0N.exe
Size

4.1MB
MD5

54771441c5c927891fd1411263b97dc0
SHA1

db0c20d93944a7157e067f25bb1b6d9efb75b232
SHA256

bf44dfb68c6df814abd8aa42a19875fffef9824224781c8b9cac57c567d3a4a7
SHA512

f543990a153c5723abf7e5100e49f000640c371f098f578482697680a59e29f02f5a6eef460dbee8877a284b267d364b2ea400be1a3e55400bd9fe436bf92241
SSDEEP

49152:gp817KKQketFsNJCChSjdH/AQclyiTGNApTxuFD3sxG15WDuWJm/5dhlLhMI7:48pKBtFsNThSBfZcw6DhkvxWe5dhxhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54771441c5c927891fd1411263b97dc0N.exe

Files

54771441c5c927891fd1411263b97dc0N.exe
.exe windows:5 windows x86 arch:x86

aa9fe45f09a50f3afa1f5e6862e89b73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW

kernel32

GetLastError
GetLocaleInfoW
GetLocalTime
GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetUserDefaultLangID
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrlenA
lstrlenW
MapViewOfFile
MoveFileW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
GetFileTime
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetFileSize
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FormatMessageW
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsW
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateFileW
CreateFileMappingW
CreateEventW
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetTimeZoneInformation
GetSystemDefaultLCID
lstrcpyW
RaiseException
LCMapStringW

user32

PostMessageW
PeekMessageW
OpenClipboard
OffsetRect
OemToCharBuffA
MsgWaitForMultipleObjects
MessageBeep
MapWindowPoints
LoadIconW
LoadCursorW
KillTimer
IsWindowEnabled
RedrawWindow
IsChild
InvalidateRect
IntersectRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowLongW
RegisterWindowMessageW
RemoveMenu
GetSysColor
MessageBoxA
GetSystemMenu
GetNextDlgTabItem
SendMessageTimeoutW
SendMessageW
SetClipboardData
SetCursor
SetForegroundWindow
SetRectEmpty
SetTimer
ShowWindow
SystemParametersInfoW
TranslateMessage
UpdateWindow
IsRectEmpty
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetClientRect
GetClassInfoW
FrameRect
FindWindowExW
EnableWindow
EmptyClipboard
DispatchMessageW
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
CreateMenu
CopyRect
CloseClipboard
CharUpperW
CharUpperA
GetClassNameW

gdi32

SelectObject
SetBkColor
SetBrushOrgEx
MoveToEx
GetObjectW
GetStockObject
LineTo

advapi32

GetSidSubAuthority
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAce
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetAclInformation
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSidLengthRequired
GetTokenInformation
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
MakeAbsoluteSD
MakeSelfRelativeSD
MapGenericMask
OpenProcessToken
OpenThreadToken
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RevertToSelf

shell32

StrCmpNIW

ole32

OleRun

oleaut32

VariantInit

shlwapi

PathSkipRootW
PathRemoveFileSpecW
PathIsURLW
PathIsUNCW
PathStripToRootW
PathIsUNCServerShareW
PathIsRootW
PathIsRelativeW
PathIsDirectoryW
PathFindFileNameW
PathIsUNCServerW
StrToIntW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss7
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa9fe45f09a50f3afa1f5e6862e89b73

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 552KB - Virtual size: 549KB

.bss7 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 552KB - Virtual size: 549KB

.bss7
Size: 1.2MB - Virtual size: 1.2MB