c6cf0e8e3d09d6efb4f7fb1e04f7d570N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c6cf0e8e3d09d6efb4f7fb1e04f7d570N.exe
Size

166KB
MD5

c6cf0e8e3d09d6efb4f7fb1e04f7d570
SHA1

10c03fabc8975d9f0a0ac9adfc5f224413ba899c
SHA256

13ce91ed37fefe2197ad601b4fc3cba54bb17d4f8c854ada0e75b5bf3835e0dd
SHA512

b48bbd0815f162c225e26e3c7836c7dd12e3c07090f00105d6ae18b172d69b8658710026c8b071a5e6843f7fe103f90feb299a1645a476307e5f0b08df0c3077
SSDEEP

3072:fsPY+jIAgv7AYdLvb0jbVfkwc7JE99EYGLwCihPRK:/3LDdvb/wc7U9LGLSPR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6cf0e8e3d09d6efb4f7fb1e04f7d570N.exe

Files

c6cf0e8e3d09d6efb4f7fb1e04f7d570N.exe
.exe windows:4 windows x86 arch:x86

6b33e1f439b4f6338840e8e1963f5ffa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ScaleViewportExtEx
DeleteDC
SetMapMode
SetBkColor
PtVisible
OffsetViewportOrgEx
SaveDC
ScaleWindowExtEx
ExtTextOutW
SetViewportOrgEx
RestoreDC
SetWindowExtEx
SelectObject
RectVisible
SetViewportExtEx
Escape
GetClipBox
GetDeviceCaps
DeleteObject
SetTextColor
CreateBitmap
TextOutW
GetStockObject

shell32

SHGetSpecialFolderPathW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

kernel32

HeapAlloc
VirtualFree
TerminateProcess
IsBadWritePtr
GetTickCount
GetShortPathNameA
FlushFileBuffers
HeapReAlloc
GetStringTypeA
GetCurrentProcessId
HeapFree
VirtualAlloc
SetFilePointer
GetProcessAffinityMask
SetUnhandledExceptionFilter
HeapSize
GetEnvironmentStringsW
IsBadReadPtr
GetSystemInfo
FreeEnvironmentStringsW
HeapDestroy
GetSystemTimeAsFileTime
EnumResourceTypesW
SetStdHandle
VirtualProtect
GetStdHandle
GetStartupInfoA
GetCommandLineA
GetEnvironmentStrings
GetOEMCP
IsBadCodePtr
GetModuleFileNameA
LCMapStringA
GetStringTypeW
QueryPerformanceCounter
GetFileType
SetHandleCount
GetFileAttributesA
GetCurrentProcess
VirtualQuery
LCMapStringW
UnhandledExceptionFilter
WriteFile
GetCPInfo
RtlUnwind
HeapCreate
ExitProcess

user32

ReleaseDC
IsWindowEnabled
GetWindowTextW
EnableMenuItem
GetLastActivePopup
EnableWindow
GetSysColor
LoadCursorW
GetWindowLongW
LoadBitmapW
GetMenuCheckMarkDimensions
GetParent
CheckMenuItem
MessageBoxW
GetDC
GetSystemMetrics
ModifyMenuW
GetSysColorBrush

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b33e1f439b4f6338840e8e1963f5ffa

Headers

File Characteristics

Imports

gdi32

shell32

advapi32

ole32

shlwapi

kernel32

user32

winspool.drv

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 61KB - Virtual size: 61KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 61KB - Virtual size: 61KB

.tls
Size: 1024B - Virtual size: 104KB