c74ecffb6212cb08fe58bee7eeb6cd50N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c74ecffb6212cb08fe58bee7eeb6cd50N.exe
Size

182KB
MD5

c74ecffb6212cb08fe58bee7eeb6cd50
SHA1

7b7dd7ee57965b66f228617ddafa6212c0d44bcd
SHA256

ac16033467c50604eeaae0b331cb2a189c6251eebe59beffad006bd93cc16078
SHA512

327a8eddbf2c4f760e87a90a58e67178788c7b86225aa27c37e1418e4f12f35addbae07d0cbedc320051d172ce62e85da95582c573d3b466bd80a8ac635d8500
SSDEEP

3072:QYypA3a1gbrSuBCkyAnhdiSmWggxB464fXYRT8oSd5XTrkI58bFMMHsHwkdG2aF:QYyW3asBnmWgiB46YXYRQoSd5Xnk68bF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c74ecffb6212cb08fe58bee7eeb6cd50N.exe

Files

c74ecffb6212cb08fe58bee7eeb6cd50N.exe
.exe windows:4 windows x86 arch:x86

ed6f0a734af7a2a56563301167c32815

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

ExtTextOutW
Escape
SetWindowExtEx
SetViewportOrgEx
GetDeviceCaps
GetMapMode
SelectObject
ScaleWindowExtEx
TextOutW
PtVisible
ScaleViewportExtEx
GetStockObject
ExtSelectClipRgn
DeleteDC
OffsetViewportOrgEx
GetBkColor
RectVisible
GetTextColor
GetRgnBox

shlwapi

PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathAppendW

user32

GetClassLongW
MessageBeep
GetPropW
SendDlgItemMessageA
CharNextW
CreateWindowExW
CopyAcceleratorTableW
GetClassInfoExW
IsRectEmpty
GetNextDlgTabItem
CharUpperW
SetPropW
GetNextDlgGroupItem
InvalidateRect
RegisterWindowMessageW
WinHelpW
SetRect
InvalidateRgn
RemovePropW
DestroyMenu

kernel32

GetCalendarInfoW
FindNextFileW
SystemTimeToFileTime
GetVersion
ReadFile
CreateFileW
CreateDirectoryW
GetThreadContext
EnumResourceLanguagesW
WriteFile
WideCharToMultiByte
LoadLibraryW
RemoveDirectoryW
GetSystemDefaultLangID
lstrcpyW
MoveFileW
EnumResourceNamesA
GetCurrentProcessId
FindClose
SetFileTime
InterlockedDecrement
ExitProcess
FindFirstFileW
GetModuleFileNameW
GetCurrentDirectoryW
SetFilePointer
LocalFileTimeToFileTime
MultiByteToWideChar
GetLocaleInfoW
ConvertDefaultLocale
DeleteFileW
GetFileAttributesW
GetProcAddress

advapi32

RegOpenKeyW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueW
RegQueryValueExW

ole32

OleUninitialize
OleFlushClipboard
CoUninitialize
StgOpenStorageOnILockBytes
OleInitialize
OleIsCurrentClipboard
CoCreateInstance
CoInitialize
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoTaskMemFree
CLSIDFromString

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed6f0a734af7a2a56563301167c32815

Headers

File Characteristics

Imports

shell32

oleacc

gdi32

shlwapi

user32

kernel32

advapi32

ole32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 77KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 77KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 372KB