5a9718b59b789af03134e62c87514bf0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5a9718b59b789af03134e62c87514bf0N.exe
Size

217KB
MD5

5a9718b59b789af03134e62c87514bf0
SHA1

8b5a822bfd9d345bac7ee2e1cf02f3231fadaeb1
SHA256

51e5d607d6009973f6bd5445a81b57bb6f485b25eabf70f51d37f4c6da777864
SHA512

71dd8acc8865b3c01dff496a0ec3f5b2b938e6b64bb1a3fde39bbd51ce2aabfaf674c431a4ccfbb12a03b3d4cfcb3f4af31022cd74e4c57a6888fc8050496930
SSDEEP

6144:cnyiqVQBf0EaIp8fkTJJsK1eEzEB1XjrkXb:9Edp8csKpE7XX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9718b59b789af03134e62c87514bf0N.exe

Files

5a9718b59b789af03134e62c87514bf0N.exe
.exe windows:4 windows x86 arch:x86

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
EnumDateFormatsW
GetLogicalDrives
lstrlen
lstrcpynW
GetDateFormatW
GetEnvironmentStringsW
GetVersionExA
SetThreadPriority
LocalAlloc
GetAtomNameA
GetShortPathNameW
LoadLibraryA
GetWindowsDirectoryW
GetEnvironmentVariableA
AddAtomA
GetDiskFreeSpaceA
GlobalFindAtomA
GetModuleFileNameA
GetHandleInformation
GetModuleHandleA
CompareFileTime
MoveFileA
SearchPathW
GetLogicalDriveStringsA
SetPriorityClass
OpenProcess
FatalAppExitA
GetLongPathNameW
IsValidCodePage
IsDebuggerPresent
lstrcmpW
GetProcAddress
SetCurrentDirectoryA
GetShortPathNameA
LoadLibraryW
SetErrorMode
RaiseException
EndUpdateResourceA

user32

GetWindowRgn
GetMenuItemInfoA
GetClassInfoA
GetMenu
LoadMenuIndirectW
UpdateWindow
ClientToScreen
WaitMessage
FrameRect
ArrangeIconicWindows
CreatePopupMenu
GetMenuStringA
MessageBoxIndirectW
RegisterClassExA
WaitForInputIdle
CreateDialogIndirectParamW
FlashWindow
GetMenuItemInfoW
EnumDesktopsW
IsChild
EmptyClipboard
CreateDialogParamW
EnumDesktopsA
DialogBoxIndirectParamA
EndDialog
CharNextW
DefDlgProcW
IsWindow
DrawTextW
PeekMessageA
GetWindowRect
ReleaseDC

gdi32

GetPath
CreateSolidBrush
GetRgnBox
SetMiterLimit
SetBrushOrgEx
GetMetaRgn
GetDeviceGammaRamp
GetDeviceCaps
FrameRgn
CreateFontIndirectA
OffsetClipRgn
GetCharWidth32A
AnimatePalette
SetDCBrushColor
UpdateICMRegKeyA
SetLayout
FillRgn
CreateMetaFileA
PtVisible
GetEnhMetaFilePaletteEntries
ExtEscape
EndPath
GetClipBox

advapi32

RegReplaceKeyW
RegCreateKeyExW
RegSaveKeyW
RegEnumValueA
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegReplaceKeyA
RegRestoreKeyW
RegSetValueW

shlwapi

SHSkipJunction
UrlCanonicalizeA
DllGetVersion
PathIsPrefixA
PathParseIconLocationA

wininet

InternetSetPerSiteCookieDecisionW
InternetSetOptionW
InternetSetCookieW
FindNextUrlCacheContainerA
FindFirstUrlCacheEntryW
InternetWriteFileExW
CreateUrlCacheContainerA
FtpCommandA
InternetCanonicalizeUrlW
InternetAutodial
GopherCreateLocatorW
InternetSetOptionExA
DeleteIE3Cache
HttpEndRequestW
InternetCrackUrlW
FtpSetCurrentDirectoryA

winspool.drv

QuerySpoolMode
AddPrinterW
OpenPrinterW
GetDefaultPrinterW
DocumentPropertiesW
AddPortExA
AbortPrinter
SetPrinterDataA
SetPrinterW

inetcomm

MimeEditDocumentFromStream
HrDoAttachmentVerb
MimeOleGetFileInfo
MimeOleCreateHashTable
MimeGetAddressFormatW
MimeOleSMimeCapsToDlg
MimeOleAlgStrengthFromSMimeCap
CreateNNTPTransport

oledlg

OleUIChangeSourceA
OleUIPasteSpecialW
OleUIUpdateLinksW
OleUIPromptUserW
OleUIObjectPropertiesW
OleUIConvertA
OleUIChangeSourceW
OleUIAddVerbMenuW
OleUIInsertObjectW

wsock32

WSAAsyncGetProtoByNumber
recv
htons
AcceptEx
recvfrom
GetAcceptExSockaddrs
WSAStartup
rexec
TransmitFile
gethostbyname

crypt32

CertNameToStrW
CertGetValidUsages
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CryptSIPRemoveProvider
CryptGetDefaultOIDFunctionAddress
CryptBinaryToStringW
CryptAcquireCertificatePrivateKey
CryptUnregisterOIDInfo

Sections

.rdata
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

wininet

winspool.drv

inetcomm

oledlg

wsock32

crypt32

Sections

.rdata Size: 1KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 2KB

.edata Size: 1KB - Virtual size: 32KB

.edata Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 33KB

.edata Size: 1KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 25KB

.data Size: 11KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 23KB

.edata Size: 1KB - Virtual size: 12KB

.rsrc Size: 172KB - Virtual size: 172KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 2KB

.edata
Size: 1KB - Virtual size: 32KB

.edata
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 33KB

.edata
Size: 1KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 25KB

.data
Size: 11KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 23KB

.edata
Size: 1KB - Virtual size: 12KB

.rsrc
Size: 172KB - Virtual size: 172KB

.reloc
Size: 1024B - Virtual size: 4KB