986e88541395747330057b20c9c891b0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

986e88541395747330057b20c9c891b0N.exe
Size

2.3MB
MD5

986e88541395747330057b20c9c891b0
SHA1

992437df359376b65a3ae9513fcb8c7cbde2cd6d
SHA256

3a752f8f6bf43c8554f0e8198a421b838f29eedde71e41ddf02b22cf661ffba1
SHA512

146e903f0f9b87004b202901648172fcfda18a59d6a8bc251963a588a4798309f05e31f8e4cc74d89b799650adee179d41622021b2bbab6827788a10880b726e
SSDEEP

49152:syzqH6ZdgY4BvWc4AkgkwcRY03EKlxHMAhg7/4zv2W72qh:sb6ZdZkXQFUKlVhg7/M2WKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
986e88541395747330057b20c9c891b0N.exe

Files

986e88541395747330057b20c9c891b0N.exe
.dll windows:5 windows x86 arch:x86

7c0dc80f76cb29df99ec475f1ba4f591

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

LZClose
LZCopy

winscard

SCardStatusW

setupapi

SetupUninstallOEMInfW
SetupDiGetClassDescriptionW
CM_Get_Child
CM_Get_DevNode_Registry_PropertyA
SetupDiInstallDevice

rasapi32

RasSetSubEntryPropertiesW

ole32

CoGetStandardMarshal
StgIsStorageFile
HDC_UserMarshal
CoCreateFreeThreadedMarshaler
BindMoniker

iphlpapi

CreateIpForwardEntry
IcmpSendEcho

netapi32

NetSessionDel

opengl32

glTexCoord2f
glEnable

shell32

SHGetPathFromIDListW
ExtractAssociatedIconW

powrprof

IsPwrHibernateAllowed

mscms

GetColorDirectoryW

winspool.drv

AddPrinterConnectionW
ClosePrinter

oleaut32

VarDateFromI4
VarDateFromBool

urlmon

CompareSecurityIds
URLDownloadToCacheFileA

msacm32

acmFormatDetailsW

advapi32

EnumServicesStatusExW
SetEntriesInAclA
RegCreateKeyA
CreateWellKnownSid
LookupAccountNameW
GetSecurityDescriptorDacl
GetAclInformation

ws2_32

bind

shlwapi

PathStripToRootA
StrChrA

gdi32

DescribePixelFormat
CreateMetaFileW
CreateFontIndirectW
GetStretchBltMode

crypt32

CryptSIPVerifyIndirectData

comctl32

ImageList_Destroy

rpcrt4

NdrClientInitializeNew

mprapi

MprConfigInterfaceEnum
MprAdminMIBEntryCreate

winmm

midiInPrepareHeader
waveOutUnprepareHeader
waveInGetDevCapsA

user32

EnableMenuItem
IsCharUpperW
ScrollWindowEx
GetKeyboardState
DrawTextExW
EndMenu
PostThreadMessageA
SetMenuItemInfoA
SetWindowPlacement
CharToOemBuffA
DragDetect
OemToCharBuffA
SetMenuItemInfoW
SetWindowRgn

msvcrt

wcstod
wprintf
rename

kernel32

GetEnvironmentStrings
HeapAlloc
GetLogicalDrives
lstrcpyA
Module32FirstW
GetProfileSectionW
GetVersionExA
GetModuleFileNameA
Beep
IsProcessorFeaturePresent
QueryPerformanceCounter
DeleteVolumeMountPointW
CreateDirectoryW
EnumResourceLanguagesW
SetEvent
CloseHandle
ReadConsoleW
OutputDebugStringA
ReadFileEx

version

GetFileVersionInfoSizeW

Exports

Exports

HtttesvwohatTsb

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Px3z7
Size: 772KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bI6k
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c0dc80f76cb29df99ec475f1ba4f591

Headers

File Characteristics

Imports

lz32

winscard

setupapi

rasapi32

ole32

iphlpapi

netapi32

opengl32

shell32

powrprof

mscms

winspool.drv

oleaut32

urlmon

msacm32

advapi32

ws2_32

shlwapi

gdi32

crypt32

comctl32

rpcrt4

mprapi

winmm

user32

msvcrt

kernel32

version

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 248KB

.crt1 Size: 44KB - Virtual size: 42KB

.rdata Size: 624KB - Virtual size: 623KB

.data Size: 288KB - Virtual size: 288KB

Px3z7 Size: 772KB - Virtual size: 770KB

.qdata Size: 56KB - Virtual size: 55KB

bI6k Size: 180KB - Virtual size: 176KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 104KB - Virtual size: 100KB

.text
Size: 252KB - Virtual size: 248KB

.crt1
Size: 44KB - Virtual size: 42KB

.rdata
Size: 624KB - Virtual size: 623KB

.data
Size: 288KB - Virtual size: 288KB

Px3z7
Size: 772KB - Virtual size: 770KB

.qdata
Size: 56KB - Virtual size: 55KB

bI6k
Size: 180KB - Virtual size: 176KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 104KB - Virtual size: 100KB