c6c9999b5aa816c366e1945c6ee6dfa0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c6c9999b5aa816c366e1945c6ee6dfa0N.exe
Size

252KB
MD5

c6c9999b5aa816c366e1945c6ee6dfa0
SHA1

5eeb6fe8d17e2ad06a16ce137c807235f92fec3f
SHA256

e52bd98a879ab4a945175d31710ef58ef1562a1f55d94aba22dc9dc7c638d591
SHA512

09ec0688ce853fd8efb76fd0d763f38a0fbf4d1fe511066488a7a494d463663498415c3daa3027329db9d6b96ea2c8e729ee1228711ef62427a6bbbad6c015a9
SSDEEP

6144:winAol24g5dKn5Ugq0uWhyHPsdBXgZ892bEtM4VWPpvw:v2xK5LRhy+Ny8GIWPpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6c9999b5aa816c366e1945c6ee6dfa0N.exe

Files

c6c9999b5aa816c366e1945c6ee6dfa0N.exe
.exe windows:4 windows x86 arch:x86

b58f98ea1384d25898388e5fd35fb36c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
SystemTimeToFileTime
DosDateTimeToFileTime
AreFileApisANSI
FreeLibraryAndExitThread
CompareStringA
PeekNamedPipe
GetTimeZoneInformation
FreeResource
GetUserDefaultLangID
GetHandleInformation
VirtualProtect
GetVersionExA
GetCommandLineA
RemoveDirectoryW
GetCommModemStatus
EnumResourceNamesW
SwitchToFiber
SetThreadPriorityBoost
AllocConsole
GetModuleFileNameW
VirtualAlloc
GetTickCount
ExitProcess
LoadResource
SetCommTimeouts
GetConsoleMode
SizeofResource
WriteConsoleOutputCharacterA
UnmapViewOfFile
GetOverlappedResult
SetNamedPipeHandleState
SetThreadAffinityMask
LoadLibraryExA
SetConsoleMode
GetShortPathNameA
GetDateFormatA
GetVolumeInformationW
_lclose
SetEnvironmentVariableA
SetConsoleOutputCP
GetFileAttributesA
GetFileAttributesExA
DeleteFiber
WriteFile
GetConsoleCursorInfo

user32

SetSysColors
FlashWindow
IsClipboardFormatAvailable
GetCursor
RegisterDeviceNotificationA
ReleaseDC
RegisterClassW
GetMenuItemCount
SetMenuItemBitmaps
SetScrollPos
LoadMenuW
SetCaretBlinkTime
GetDesktopWindow
InvalidateRgn
TranslateAcceleratorA
SendMessageCallbackW
CharLowerBuffW
SetRectEmpty
TabbedTextOutW
GetMenuStringW
GetWindowTextA
GetKeyboardLayout
GetMonitorInfoA
UnhookWinEvent
GetMenuItemInfoA
SetScrollRange
ShowScrollBar
PeekMessageA
CallWindowProcA
ClipCursor
ToAscii
SetScrollInfo
DefDlgProcA
GetDlgItemTextW
LoadStringW
FindWindowW
PostMessageA
LoadImageW
MonitorFromWindow
SetMessageQueue
CreateAcceleratorTableW
CloseWindow
SendMessageA
LoadAcceleratorsA
MsgWaitForMultipleObjects
GetNextDlgGroupItem
CreateWindowExA

comdlg32

GetOpenFileNameW

advapi32

GetTokenInformation
GetFileSecurityA
SetEntriesInAclA
RegNotifyChangeKeyValue
AbortSystemShutdownW
QueryServiceConfigW
BuildTrusteeWithNameW
DuplicateToken
RegQueryValueExA
StartServiceW
LookupPrivilegeNameA
GetAce
InitiateSystemShutdownA
RegQueryValueA
SetNamedSecurityInfoW
SetFileSecurityW
EnumDependentServicesA
GetAclInformation
CryptAcquireContextA
ClearEventLogW
NotifyBootConfigStatus
StartServiceA
RegSetValueW
RegSaveKeyW
RegCreateKeyExW
RevertToSelf
CryptVerifySignatureW
GetSecurityDescriptorGroup
AddAccessDeniedAce

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
ExtractIconExW

ole32

CreateStreamOnHGlobal
OleGetIconOfClass
OleRegGetUserType
OleSetMenuDescriptor
OleFlushClipboard
ReadFmtUserTypeStg
CoQueryProxyBlanket
CoGetInterfaceAndReleaseStream

oleaut32

SafeArrayCreate
QueryPathOfRegTypeLi
LoadTypeLibEx
SysStringLen

comctl32

ImageList_GetDragImage

shlwapi

HashData
PathFindFileNameW
PathCombineA
StrFormatByteSizeW
PathFileExistsW
wnsprintfW
PathIsURLW
UrlApplySchemeW
wnsprintfA
PathIsSameRootW
SHRegGetUSValueW
AssocQueryStringW
SHEnumValueW
StrCmpIW
StrCmpNIW
SHRegOpenUSKeyW
PathAddBackslashA
UrlCombineW
PathUnquoteSpacesA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b58f98ea1384d25898388e5fd35fb36c

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 229KB