884d0f11f3584456b4c38568340346c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

884d0f11f3584456b4c38568340346c0N.exe
Size

448KB
MD5

884d0f11f3584456b4c38568340346c0
SHA1

ce4da4f6bf908e356ef2ea928d3c81c7021c3748
SHA256

5b7b9aaca989d65f7d3aad48bd694815e46c1c9733a75761b7c0c39d223df80e
SHA512

32f26f6f6eeea860ef1616ce3129dc61fdb0a45f190e2ecdf28906f416008d0057a5198e080439b9e6658d614c99023bcb04dfa224d57e734988999a52ac485c
SSDEEP

12288:nE2y7R6QpfO5mni2y66qmvp5HSPItp8+UwBjvrEH7I:OdSGIti+UyrEH7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
884d0f11f3584456b4c38568340346c0N.exe

Files

884d0f11f3584456b4c38568340346c0N.exe
.exe windows:4 windows x86 arch:x86

3bd8f467b8a023568d5038622e63fe94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcslen
wcscpy
wcscmp
memmove
wcscat
memcmp
_stricmp
sscanf
strlen
strcpy
strcat
floor
ceil
_CIfmod
fseek
ftell
fread
malloc
memcpy
free
longjmp
_setjmp3
_wcsicmp
wcsncmp
wcsncpy
tolower
fclose
pow
??3@YAXPAX@Z
wcsstr
_wcsnicmp
_wcsdup
frexp
modf
_CIpow
fopen
_errno
strerror
abort
atof
gmtime
fflush
fwrite
exit
sprintf
__p__iob
fprintf
getenv
strncpy
calloc
strncmp
_close
_setmode
_fdopen
_open
realloc
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
GetCurrentProcess
HeapDestroy
ExitProcess
ExpandEnvironmentStringsW
HeapAlloc
HeapFree
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
InitializeCriticalSection
GetEnvironmentVariableW
SetEnvironmentVariableW
GetModuleFileNameW
GetCommandLineW
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
CreateFileW
GetFileSize
ReadFile
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
SetEndOfFile
WriteFile
FreeLibrary
LoadLibraryW
GetProcAddress
GetVersionExW
HeapReAlloc
SetLastError
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
MulDiv
TlsAlloc
GlobalFree
GlobalAlloc
DeleteFileW
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

GetWindowDC
ReleaseDC
SystemParametersInfoW
GetSystemMetrics
SendMessageW
GetDC
CreateWindowExW
GetSysColor
SetClassLongW
InvalidateRect
UpdateWindow
GetCursorPos
WindowFromPoint
GetDlgCtrlID
RedrawWindow
FillRect
DestroyIcon
MessageBoxW
DefWindowProcW
DestroyWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetFocus
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
EnableWindow
SetWindowLongW
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos
SetMenu
DestroyMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
GetParent
GetWindowRect
ScreenToClient
ClientToScreen
MapWindowPoints
GetFocus
GetClassNameW
CallWindowProcW
RemovePropW
GetPropW
SetPropW
EnumPropsExW
GetWindow
SetActiveWindow
RegisterClassW
AdjustWindowRectEx
ShowWindow
GetClientRect
GetMenu
PeekMessageW
MsgWaitForMultipleObjects
GetActiveWindow
DefFrameProcW
SetRect
EnumChildWindows
PostMessageW
GetKeyState
IsChild
RegisterWindowMessageW
EnumDisplaySettingsW
GetIconInfo
CreateIconFromResourceEx
CreateIconFromResource
CharUpperW
CharLowerW

gdi32

GetDeviceCaps
CreateCompatibleDC
CreatePatternBrush
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
DeleteObject
DeleteDC
BitBlt
GetStockObject
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
SelectClipRgn
CreateDCW
GetObjectType
GetObjectW
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateDIBSection
CreateBitmap
SetPixel
GetDIBits
CreateFontW

comctl32

ord17
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

ole32

CoInitialize
RevokeDragDrop

shell32

ExtractIconExW
ShellExecuteW
ShellExecuteExW

shlwapi

PathFindOnPathW
AssocQueryStringW

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree
GdipGetDpiX
GdipGetDpiY

uxtheme

SetWindowTheme

Sections

.code
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bd8f467b8a023568d5038622e63fe94

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

ole32

shell32

shlwapi

gdiplus

uxtheme

Sections

.code Size: 16KB - Virtual size: 15KB

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 17KB - Virtual size: 17KB

.code
Size: 16KB - Virtual size: 15KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 17KB - Virtual size: 17KB