Static task: static1
Behavioral task: behavioral1 (Sample: 5196a7259f17bb1b7e4f590ed3dcc460N.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: 5196a7259f17bb1b7e4f590ed3dcc460N.exe, Resource: win10v2004-20240802-en)
General
Target: 5196a7259f17bb1b7e4f590ed3dcc460N.exe
Size: 1.0MB
MD5: 5196a7259f17bb1b7e4f590ed3dcc460
SHA1: 21e9f7d90c6617bfe353db4b148493f2fa9291bd
SHA256: 6e97bbce72bd6448c8d159a6dd0ff59eb77501913c0812057d51f542106a3ce4
SHA512: 8f37703bd47e4e302475bc26fb2d6cd8047d59334ca2756290833fc3f746a5d62d2a1fdb69f55d44a1b72bffeeed8bc5c958016ac0db0d340096044f9008fb31
SSDEEP: 24576:bLiRy2CcN9O11ItZL8TLrWDQA7O+n9jPCT3Brq:0CaeNrmQA7d5CTo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5196a7259f17bb1b7e4f590ed3dcc460N.exe
Files
5196a7259f17bb1b7e4f590ed3dcc460N.exe.exe windows:4 windows x86 arch:x86
27e03e924f77c39a8bebfdc5862a167f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetGetConnectedState
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
InternetCrackUrlW
InternetOpenW
InternetCloseHandle
shlwapi
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
kernel32
LocalReAlloc
TlsFree
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
ExitProcess
VirtualProtect
GetSystemInfo
SetStdHandle
GetFileType
TlsSetValue
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCPInfo
GetOEMCP
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentDirectoryA
GetDriveTypeA
TlsAlloc
TlsGetValue
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentProcessId
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FreeResource
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
LocalFree
InterlockedDecrement
InterlockedIncrement
GetExitCodeThread
lstrcatW
WinExec
GetWindowsDirectoryW
lstrcpyW
LoadLibraryExW
GetFileAttributesW
GetFileSize
VirtualAlloc
VirtualFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
SetLastError
MulDiv
GetVersion
GetVersionExW
SetErrorMode
GetLocalTime
IsBadWritePtr
VirtualQuery
SetUnhandledExceptionFilter
SetEndOfFile
SetFilePointer
GlobalHandle
GlobalUnlock
GlobalLock
FormatMessageW
CreateNamedPipeW
ConnectNamedPipe
GetOverlappedResult
DisconnectNamedPipe
FlushFileBuffers
CreateMutexW
CreateSemaphoreW
CreatePipe
GetStartupInfoW
CreateProcessW
ReadFile
DeleteFileW
GetSystemTime
GetTimeZoneInformation
GetACP
lstrlenA
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
GlobalAlloc
GlobalReAlloc
GlobalFree
WideCharToMultiByte
WritePrivateProfileStringW
GetPrivateProfileStringW
FindFirstFileW
FindClose
CreateEventW
CreateDirectoryW
TerminateThread
WaitForSingleObject
ResetEvent
GetModuleFileNameW
GetTickCount
CreateThread
SetEvent
Sleep
CreateFileW
WriteFile
CloseHandle
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
HeapSize
user32
GetWindowThreadProcessId
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
InvalidateRgn
CharNextW
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
ScrollWindow
GetKeyState
SetScrollRange
GetScrollRange
ShowScrollBar
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
UnregisterClassA
GetScrollInfo
SetScrollInfo
SystemParametersInfoA
GetWindowPlacement
IsWindowEnabled
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GetMenuStringW
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
SetMenuItemInfoW
PeekMessageW
GetMessageW
DispatchMessageW
PostThreadMessageW
ReleaseCapture
SetCapture
TrackPopupMenu
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
FrameRect
UpdateWindow
ScreenToClient
SetRectEmpty
DestroyCursor
CopyIcon
CreateIconIndirect
LoadImageW
MessageBoxExW
SetWindowsHookExW
CopyAcceleratorTableW
MapVirtualKeyW
GetKeyNameTextW
CallNextHookEx
GetClassNameW
SetPropW
GetMessagePos
RemovePropW
SetLayeredWindowAttributes
LoadAcceleratorsW
CopyImage
GetWindowDC
CreateWindowExW
DefWindowProcW
ValidateRect
BeginPaint
EndPaint
SetMenu
ClientToScreen
LoadMenuW
IsMenu
ModifyMenuW
GetSubMenu
GetMenuItemInfoW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
DeleteMenu
DrawEdge
WindowFromDC
LoadBitmapW
CallWindowProcW
UnhookWindowsHookEx
IntersectRect
OffsetRect
SetRect
IsRectEmpty
GetMenuInfo
SystemParametersInfoW
DrawStateW
InsertMenuItemW
GetSysColor
DrawFocusRect
wvsprintfW
GetForegroundWindow
CreatePopupMenu
GetWindow
GetPropW
MessageBoxW
ShowWindow
SetForegroundWindow
GetSystemMetrics
SetTimer
RedrawWindow
IsWindowVisible
BringWindowToTop
IsIconic
AppendMenuW
DrawIcon
FindWindowW
LoadCursorW
SetCursor
TranslateMessage
EqualRect
PostMessageW
TranslateAcceleratorW
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetActiveWindow
CreateDialogIndirectParamW
IsWindow
SetWindowLongW
GetCursorPos
LoadIconW
IsChild
GetDesktopWindow
KillTimer
GetMenu
DestroyMenu
GetSystemMenu
SetWindowPos
GetDC
ReleaseDC
GetWindowLongW
GetFocus
GrayStringW
DrawTextExW
TabbedTextOutW
DrawTextW
FillRect
InflateRect
CopyRect
GetParent
GetWindowRect
PostQuitMessage
CloseWindow
InvalidateRect
SetWindowRgn
PtInRect
GetClientRect
EnableWindow
SendMessageW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetLastActivePopup
SetActiveWindow
GetIconInfo
BeginDeferWindowPos
DestroyIcon
DeferWindowPos
gdi32
SaveDC
RestoreDC
SetMapMode
GetClipBox
IntersectClipRect
MoveToEx
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
FrameRgn
ScaleWindowExtEx
ExtSelectClipRgn
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
GetRgnBox
GetTextExtentPointW
GetCurrentPositionEx
GetTextColor
SetPixel
GetPixel
CreateRoundRectRgn
SetTextJustification
SetBkMode
SetTextColor
LineTo
StretchBlt
CreateDCW
ExtCreateRegion
SelectClipRgn
SetWindowOrgEx
GetCurrentObject
GetTextAlign
GetTextMetricsW
GetLayout
RectVisible
PtVisible
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
BitBlt
CreateFontW
SetWindowExtEx
GetStockObject
RoundRect
Rectangle
GetNearestColor
SetBrushOrgEx
GetDeviceCaps
CombineRgn
CreateRectRgn
CreateFontIndirectW
CreatePatternBrush
CreatePen
UnrealizeObject
SetBkColor
CreateBitmap
CreateDIBitmap
CreatePalette
GetObjectW
SelectPalette
RealizePalette
GetDIBits
GetTextExtentPoint32W
CreateSolidBrush
Escape
ExtTextOutW
TextOutW
SetTextAlign
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
shell32
DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW
comctl32
ImageList_GetIconSize
ord17
ImageList_GetIcon
_TrackMouseEvent
ImageList_GetImageCount
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
CoUninitialize
CoCreateGuid
CoInitialize
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
oleaut32
SysFreeString
OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleLoadPicture
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
ws2_32
htons
htonl
setsockopt
socket
send
closesocket
recv
connect
WSAAsyncSelect
inet_addr
sendto
WSASetLastError
bind
select
accept
gethostbyname
ioctlsocket
WSAGetLastError
recvfrom
winmm
PlaySoundW
rpcrt4
UuidToStringW
UuidCreate
RpcStringFreeW
Sections
.text Size: 736KB - Virtual size: 734KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 200KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ