57151ed393d181bae268cdece16a27c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

57151ed393d181bae268cdece16a27c0N.exe
Size

527KB
MD5

57151ed393d181bae268cdece16a27c0
SHA1

a67894c340a651eb98736bebc14396dd546a1c2f
SHA256

494a6d6a3d8285db35367a6068185939ce6567273ab0ec18649062363376ceae
SHA512

00a9c9e2953685c67c54520e2f764ff4e27ff6d6fe1ab416eaad06a540f19d418e733c2bb06b1f92a33b280022a5d70914841b7f15ad7460481c2f93aa263705
SSDEEP

12288:CP8filQ/kJCOHCoySXuLiEnXZJsMNBRS4:IwkrjGfJ+MNBI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57151ed393d181bae268cdece16a27c0N.exe

Files

57151ed393d181bae268cdece16a27c0N.exe
.dll windows:6 windows x86 arch:x86

610c739daa623e8397e040c9719cf07a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
Beep
MulDiv
CreateProcessA
WritePrivateProfileStringW
DeleteCriticalSection
DeleteFileW
OpenFileMappingA
GetCPInfo
VerSetConditionMask
QueryPerformanceCounter
ConnectNamedPipe
GetTickCount
LoadLibraryA
GetWindowsDirectoryW
FreeLibrary
CreateDirectoryW
GlobalLock
SetEndOfFile
SystemTimeToFileTime
Sleep
CreateFileW
ExitThread
MultiByteToWideChar
GlobalUnlock
EnumResourceTypesW
LocalFree
WaitForSingleObject
VirtualFree
GetUserDefaultUILanguage
GetLastError
CreateEventA
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
SystemTimeToTzSpecificLocalTime
GetCommandLineW
TlsAlloc
VirtualProtect
GetStringTypeW
FindNextFileW
FindNextFileA
GetModuleFileNameA
CreatePipe
FindClose
GetDiskFreeSpaceW
IsDBCSLeadByteEx
GetCPInfoExW
SetThreadLocale
VerifyVersionInfoW
GetTempPathW
GetStartupInfoW
SetThreadPriority
GetSystemDirectoryA
TerminateProcess
ReadProcessMemory
GetUserDefaultLangID
VirtualQueryEx
GetPrivateProfileStringW
WaitForSingleObjectEx
GetEnvironmentStringsW
FindResourceW
GetSystemDefaultUILanguage
GetDriveTypeW
TlsGetValue
GetTempFileNameW
RemoveDirectoryW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TlsSetValue
TlsFree

user32

MapWindowPoints
DestroyMenu
AttachThreadInput
ModifyMenuW
SetMenuItemInfoW
GetKeyState
DrawStateW
SetWindowTextW
DestroyAcceleratorTable
CreateIconIndirect
LoadMenuW
DrawFrameControl
MessageBoxW
GetClassNameW
ToUnicode
IsIconic
DrawIconEx
LoadStringA
GetMenuStringW
CharLowerBuffW
GetDC
DrawFocusRect
MessageBoxA
GetWindowTextW
SystemParametersInfoW
GetDesktopWindow
GetSysColorBrush
GetKeyboardType
InsertMenuW

gdi32

GetRgnBox
SetViewportOrgEx
CreateEnhMetaFileW
CreatePolygonRgn
PlayEnhMetaFile
GetObjectW
GetNearestPaletteIndex
SetStretchBltMode
PolyPolygon
SetLayout
PtInRegion
StretchDIBits
GetTextExtentPointW
CreatePatternBrush
CloseEnhMetaFile
GetCharABCWidthsW

comdlg32

FindTextW
GetSaveFileNameW

advapi32

RegSetKeySecurity
RegSetValueExW
StartServiceW
RegLoadKeyW
ChangeServiceConfigW
RegUnLoadKeyW
RegConnectRegistryW
RegEnumKeyExW
ControlService
RegOpenKeyExW
RegDeleteValueA
SetSecurityDescriptorDacl
OpenServiceW

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CoInitialize

oleaut32

VariantCopy
SysFreeString
SafeArrayPtrOfIndex

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

610c739daa623e8397e040c9719cf07a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 405KB - Virtual size: 405KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 19KB - Virtual size: 98KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 405KB - Virtual size: 405KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 19KB - Virtual size: 98KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 16KB - Virtual size: 15KB