c68c8ac5d0605812776fd099a71952e0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

c68c8ac5d0605812776fd099a71952e0N.exe
Size

1.8MB
MD5

c68c8ac5d0605812776fd099a71952e0
SHA1

5b5ff51b7a2feb0435ce6b4fc2e4d6b68316e1d9
SHA256

59640459f7409debed097d547bd98287610b2a7c22fc6690209911f574ea254d
SHA512

3a657290c135c0e151f83945b6750afbeab8001a51119a467b12f575927887d9ffef2e4f8d13da0639eb603715d1657337eeffd629fa14755c3ed29894c43c90
SSDEEP

24576:Ry7Mpq8HS5qRA6X6BiVkNdf3Qpc1Gv4UuO8sbNJoeIlsG9M93KwcBjY+F7fkv:Ry7CS5To+KEdfQpcW48866lbhwkjv7u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c68c8ac5d0605812776fd099a71952e0N.exe

Files

c68c8ac5d0605812776fd099a71952e0N.exe
.dll windows:5 windows x86 arch:x86

1a8bc4859ad18d164903b7f1f2186f4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

NetSessionDel

ole32

HDC_UserMarshal
BindMoniker
CoGetStandardMarshal
CoCreateFreeThreadedMarshaler
StgIsStorageFile

lz32

LZClose
LZCopy

shell32

ExtractAssociatedIconW
SHGetPathFromIDListW

crypt32

CryptSIPVerifyIndirectData

mprapi

MprConfigInterfaceEnum
MprAdminMIBEntryCreate

msvcrt

wcstod
wprintf
rename

urlmon

CompareSecurityIds
URLDownloadToCacheFileA

version

GetFileVersionInfoSizeW

winscard

SCardStatusW

winspool.drv

AddPrinterConnectionW
ClosePrinter

msacm32

acmFormatDetailsW

iphlpapi

CreateIpForwardEntry
IcmpSendEcho

opengl32

glTexCoord2f
glEnable

rpcrt4

NdrClientInitializeNew

kernel32

GetVersionExA
GetProfileSectionW
Module32FirstW
lstrcpyA
GetLogicalDrives
ReadConsoleW
OutputDebugStringA
CloseHandle
GetModuleFileNameA
EnumResourceLanguagesW
CreateDirectoryW
DeleteVolumeMountPointW
Beep
IsProcessorFeaturePresent
GetEnvironmentStrings
ReadFileEx
SetEvent
QueryPerformanceCounter
HeapAlloc

powrprof

IsPwrHibernateAllowed

setupapi

SetupDiGetClassDescriptionW
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
SetupDiInstallDevice
SetupUninstallOEMInfW

rasapi32

RasSetSubEntryPropertiesW

advapi32

LookupAccountNameW
RegCreateKeyA
SetEntriesInAclA
GetSecurityDescriptorDacl
EnumServicesStatusExW
GetAclInformation
CreateWellKnownSid

user32

GetKeyboardState
EnableMenuItem
SetWindowRgn
SetMenuItemInfoW
OemToCharBuffA
DragDetect
IsCharUpperW
ScrollWindowEx
CharToOemBuffA
DrawTextExW
EndMenu
PostThreadMessageA
SetMenuItemInfoA
SetWindowPlacement

gdi32

DescribePixelFormat
CreateFontIndirectW
GetStretchBltMode
CreateMetaFileW

comctl32

ImageList_Destroy

ws2_32

bind

oleaut32

VarDateFromI4
VarDateFromBool

winmm

waveOutUnprepareHeader
midiInPrepareHeader
waveInGetDevCapsA

mscms

GetColorDirectoryW

shlwapi

PathStripToRootA
StrChrA

Exports

Exports

HtttesvwohatTsb

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Px3z7
Size: 684KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bI6k
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a8bc4859ad18d164903b7f1f2186f4b

Headers

File Characteristics

Imports

netapi32

ole32

lz32

shell32

crypt32

mprapi

msvcrt

urlmon

version

winscard

winspool.drv

msacm32

iphlpapi

opengl32

rpcrt4

kernel32

powrprof

setupapi

rasapi32

advapi32

user32

gdi32

comctl32

ws2_32

oleaut32

winmm

mscms

shlwapi

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 220KB

.crt1 Size: 40KB - Virtual size: 37KB

.rdata Size: 552KB - Virtual size: 551KB

.data Size: 68KB - Virtual size: 67KB

Px3z7 Size: 684KB - Virtual size: 682KB

.qdata Size: 52KB - Virtual size: 49KB

bI6k Size: 160KB - Virtual size: 156KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 28KB - Virtual size: 26KB

.text
Size: 224KB - Virtual size: 220KB

.crt1
Size: 40KB - Virtual size: 37KB

.rdata
Size: 552KB - Virtual size: 551KB

.data
Size: 68KB - Virtual size: 67KB

Px3z7
Size: 684KB - Virtual size: 682KB

.qdata
Size: 52KB - Virtual size: 49KB

bI6k
Size: 160KB - Virtual size: 156KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 28KB - Virtual size: 26KB