[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

.exe
Size

1.9MB
MD5

6e2ac4976ca6ef8118f415121993691b
SHA1

45060158ec63ef42944cfe73aed4089a157d50bd
SHA256

884e5e9f2d0a77c612e8f8e241f5d3f861f681081924de9b8b37419cdec49f33
SHA512

1c95bc069b1956d95fcf9aaf5da46c191033d0729247a61e41199a3a9560f6c8a9b33c2fa2b25cabafd509524434a2fead48b86e03d37a78d59d42c9c52f65f1
SSDEEP

24576:XyvRb6SqIB8h4AI92jRqKFXSq9NPcWwXAjEVRCN+j61+CgRDokJ/Sy9ja4zO4aEY:XXCcPRACNV1Yt9zO4HTLu2U/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
.exe

Files

.exe
.exe windows:4 windows x86 arch:x86

c1cec53165a92e7ea5d4e133f7c23d59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalMemoryStatus
GetLocalTime
ResetEvent
FindNextFileA
GetVersionExA
GetExitCodeProcess
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetThreadIdealProcessor
CreateEventA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetCurrentThreadId
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
ReadFile
SetHandleCount
GetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
WriteFile
HeapSize
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
CreateFileA
FlushFileBuffers
SetEndOfFile
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
CreateFileW
GetFileSize
OutputDebugStringA
lstrcmpiA
GetFullPathNameA
InterlockedCompareExchange
InterlockedExchange
DeleteFileA
RemoveDirectoryA
CopyFileA
CreateDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
WideCharToMultiByte
GetSystemDirectoryA
FindFirstFileA
FindClose
GlobalFree
lstrcpyA
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
LeaveCriticalSection
GetLastError
EnterCriticalSection
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleFileNameA
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
GetStartupInfoA
CreateProcessA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
GetFileType

user32

LoadCursorA
DestroyIcon
CreateIconIndirect
OpenIcon
MoveWindow
RegisterClassExA
SetWindowRgn
GetClientRect
GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetRect
AdjustWindowRectEx
SetClassLongA
DefWindowProcA
GetWindowPlacement
ChangeDisplaySettingsExA
EnumDisplaySettingsA
ChangeDisplaySettingsA
SetWindowPos
DrawMenuBar
InsertMenuItemA
EnumWindows
SystemParametersInfoA
GetSystemMetrics
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
ClientToScreen
SetCursor
UpdateWindow
GetWindowTextA
DeleteMenu
GetSystemMenu
SetFocus
DialogBoxParamA
LoadIconA
GetWindowRect
CreateWindowExA
RegisterClassA
MessageBoxA
SetWindowLongA
GetDC
ReleaseDC
GetMessageA
TranslateMessage
GetDlgItem
SetWindowTextA
EndDialog
PostQuitMessage
DispatchMessageA
PeekMessageA
SendMessageA
ShowWindow
IsIconic
SetForegroundWindow
FindWindowA
GetKeyboardState
SetKeyboardState
GetCursorPos
ScreenToClient
PostMessageA
GetSubMenu
TrackPopupMenu
GetWindowLongA
CreateMenu

gdi32

SelectObject
CreateCompatibleDC
GetObjectA
SetBkMode
TextOutA
CreateFontIndirectA
CreateDIBSection
CreateBitmap
ExtCreateRegion
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
SetStretchBltMode
StretchDIBits
SetTextColor
EnumFontFamiliesExA

shell32

DragFinish
DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
FindExecutableA
ShellExecuteExA
SHGetSpecialFolderPathA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

ole32

CoUninitialize
CoCreateInstance
CoInitialize

winmm

joyGetPosEx
mciSendStringA
timeEndPeriod
timeGetTime
mmioOpenA
waveInGetDevCapsA
waveInGetNumDevs
joyGetNumDevs
timeBeginPeriod
mmioStringToFOURCCA
mmioClose
mmioRead
waveOutGetDevCapsA
waveOutGetNumDevs
mciSendCommandA
mmioAscend
mmioDescend
timeGetDevCaps

imm32

ImmAssociateContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1cec53165a92e7ea5d4e133f7c23d59

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

winmm

imm32

version

d3d9

dsound

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 158KB - Virtual size: 157KB

.data Size: 117KB - Virtual size: 2.3MB

_RDATA Size: 19KB - Virtual size: 19KB

.data1 Size: 512B - Virtual size: 48B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 282KB - Virtual size: 281KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 158KB - Virtual size: 157KB

.data
Size: 117KB - Virtual size: 2.3MB

_RDATA
Size: 19KB - Virtual size: 19KB

.data1
Size: 512B - Virtual size: 48B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 282KB - Virtual size: 281KB