5392e85d36d3b0b8225b339b9dac7810N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5392e85d36d3b0b8225b339b9dac7810N.exe
Size

86KB
MD5

5392e85d36d3b0b8225b339b9dac7810
SHA1

acc41271839f5bbfefcd8320ec27c357349895ca
SHA256

774ebe0a447522612307e919614a826e2ac70d950b1b8591a00826877fab15ce
SHA512

a5caa7122f977857a0177271c1e858c1e5e9af722866208692ac3bf48088f07c9bcdda71af6b204b1ba7eabd949960bcdfb130a92fb2f48b162c7a95a7f85a85
SSDEEP

1536:xdNELMUQdVEd/XnfK4hwWmjyQkZ0/zGrwGsw:+L6VE1XfK4hwWmO0dGsw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5392e85d36d3b0b8225b339b9dac7810N.exe

Files

5392e85d36d3b0b8225b339b9dac7810N.exe
.exe windows:4 windows x86 arch:x86

a7fa954ec3bc860311c9bf4740060009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

paenckageee.pdb

Imports

kernel32

SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
ResumeThread
GetPrivateProfileStringA
CreateProcessA
DeleteFileA
GetModuleHandleA
FreeLibrary
FormatMessageA
LocalFree
GetCurrencyFormatA
GetModuleFileNameA
RemoveDirectoryA
GetFileSize
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetFileAttributesA
MultiByteToWideChar
GetStartupInfoA
MapViewOfFile
CreateFileMappingA
CloseHandle
SetFileTime
DosDateTimeToFileTime
GetLastError
CreateFileA
SetLastError
UnmapViewOfFile
lstrlenA
GetProcAddress
GetPrivateProfileIntA
LoadLibraryA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

user32

TranslateMessage
PeekMessageA
DispatchMessageA
LoadCursorA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
GetLastInputInfo
GetDlgItem
GetWindowRect
MoveWindow
GetDC
ReleaseDC
SendDlgItemMessageA
GetParent
wsprintfA
SetDlgItemTextA
PostMessageA
MessageBoxA
GetFocus
SendMessageA
EndPaint
GetSystemMetrics
BeginPaint
DefWindowProcA
SetCursor

advapi32

RegEnumKeyExA
RegQueryValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

msvcrt

fread
remove
sscanf
ftell
strncpy
malloc
fprintf
strrchr
strcmp
strcpy
strlen
strcat
strncat
memset
memcpy
strchr
qsort
realloc
fgets
strncmp
exit
fseek
fopen
fclose
fflush
freopen
fwrite
sprintf
free

comctl32

PropertySheetA
CreatePropertySheetPageA

gdi32

DeleteObject
SetTextColor
TextOutA
SetBkMode
SelectObject
CreateFontA
CreateDIBitmap
CreateSolidBrush

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7fa954ec3bc860311c9bf4740060009

Headers

File Characteristics

PDB Paths

Imports

kernel32

ole32

user32

advapi32

msvcrt

comctl32

gdi32

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB