007f966fb285625dc807e7f1b372f810N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

007f966fb285625dc807e7f1b372f810N.exe
Size

85KB
MD5

007f966fb285625dc807e7f1b372f810
SHA1

a455b14f47690ea72253275a436eae79570d3e2a
SHA256

4f431230e468b8d7fc2a91d69f7f8358e23e711db2902aabdb5b7eb25cd116d1
SHA512

e11169aef440a9e0b94d56d294970bf9d67cc3c2b785f072ce244753a19ba88ab500de5df7d64381dece1d6109b9653cbd846eee361c390de46bf3652f40eeb7
SSDEEP

1536:tHbCzIjbnYMtTgsmcSTRZBPtNK3QaFJ8E:tHbCz2YYZ3SBPA1f8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007f966fb285625dc807e7f1b372f810N.exe

Files

007f966fb285625dc807e7f1b372f810N.exe
.exe windows:4 windows x86 arch:x86

9affb6c919304cb49c7370f4e5cb0fe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayGetElement
VariantChangeType
SafeArrayCreate
SysFreeString
SysReAllocStringLen
SafeArrayUnaccessData
GetErrorInfo
OleLoadPicture
SysAllocStringLen

user32

GetParent
SetCapture
CharLowerA
ShowScrollBar
DrawIconEx
GetLastActivePopup
SetClassLongA
GetKeyboardLayoutNameA
DefFrameProcA
DefMDIChildProcA
SetScrollPos
GetWindowDC
CheckMenuItem
ShowWindow
SetParent
GetCursor
GetKeyboardType
RegisterWindowMessageA
GetSysColorBrush
DestroyCursor
MapWindowPoints
CreateIcon
GetKeyboardLayout
GetKeyState
SetWindowLongA
EmptyClipboard
SetForegroundWindow
CreatePopupMenu
IsCharUpperA
GetScrollInfo
EndPaint
SetFocus
FindWindowA
IsWindowUnicode
SetTimer
GetScrollPos
IsDialogMessageA
GetClassLongA
GetSystemMenu
IsWindowEnabled
GetKeyboardLayoutList
InflateRect
LoadBitmapA
GetMenu
ReleaseCapture
SetMenuItemInfoA
SetScrollRange
WindowFromPoint
SetActiveWindow
CharLowerBuffA
RegisterClassA
MapVirtualKeyA
PostMessageA
OpenIcon
GetWindow
GetScrollRange
GetPropA
IntersectRect
DispatchMessageA
TranslateMDISysAccel
GetFocus
MessageBoxA
DispatchMessageW
IsDialogMessageW

kernel32

ExitProcess
FindClose
LoadLibraryA
GetLastError
VirtualAllocEx
GetFullPathNameA
WriteFile
GetACP
LocalFree
LocalAlloc
FreeLibrary
GetFileAttributesA
GetFileType
SetErrorMode
SizeofResource
GetVersionExA
WideCharToMultiByte
ExitThread
GetModuleHandleA
EnumCalendarInfoA
lstrcatA
VirtualQuery

Exports

Exports

_aOGpcUPiq7Ds9Q@20
MW_bCwD

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9affb6c919304cb49c7370f4e5cb0fe9

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 13KB - Virtual size: 12KB

.adata Size: 49KB - Virtual size: 48KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 13KB - Virtual size: 12KB

.adata
Size: 49KB - Virtual size: 48KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB