Static task
static1
Behavioral task
behavioral1
Sample
c6c85be2b3c6e33bde415f566a4e9a30N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c6c85be2b3c6e33bde415f566a4e9a30N.exe
Resource
win10v2004-20240802-en
General
-
Target
c6c85be2b3c6e33bde415f566a4e9a30N.exe
-
Size
112KB
-
MD5
c6c85be2b3c6e33bde415f566a4e9a30
-
SHA1
0485e3d3ea16d041435bdb37f9af85705e262ceb
-
SHA256
4845d55438b2edd3501b577796424b45ecf3c18a015cc407a422c4cb2655d3e4
-
SHA512
7e6e419907fe0aea102a5188c5db8db20d420f9bb8acff39f1c05b36e72494553e5e94428af84f48ffa3f1b50669e511f98ec531ccca826a0a9aec53dc6afbb9
-
SSDEEP
1536:83iZyrQjfwIDuQnQJKd3ge72wLOPviJszJPaquANBxuRHJ416:83CyrQTDuQqewe72w6niJs4yBxO86
Malware Config
Signatures
-
Unsigned PE 1 IoCs
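Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate programs are also unsigned; weigh it together with the other static and behavioral findings.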
resource c6c85be2b3c6e33bde415f566a4e9a30N.exe
Files
-
c6c85be2b3c6e33bde415f566a4e9a30N.exe.exe windows:4 windows x86 arch:x86
b103e0a9d20db71a52dc28385275b6ee
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__p__commode
_ftol
malloc
free
_XcptFilter
_ftime
_exit
wcsncmp
_snprintf
wcsrchr
_initterm
_except_handler3
strstr
strncpy
strncmp
atol
_controlfp
__getmainargs
__set_app_type
__p__fmode
wcsncpy
_adjust_fdiv
__setusermatherr
wcslen
exit
_acmdln
kernel32
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
GetFileAttributesA
ReadFile
CompareFileTime
GetFileTime
GetPrivateProfileStringA
GetEnvironmentVariableA
Sleep
TerminateThread
GetVersion
Process32Next
CreateToolhelp32Snapshot
GetExitCodeProcess
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GetStartupInfoA
CreateProcessA
CreateThread
GetSystemDefaultLangID
Process32First
WritePrivateProfileStringA
CloseHandle
GetLocalTime
WriteFile
GetVersionExA
GetCurrentProcess
CreateFileA
GetLastError
CreateEventW
GlobalAlloc
GlobalLock
MultiByteToWideChar
GlobalUnlock
GlobalFree
GlobalHandle
DeviceIoControl
WideCharToMultiByte
CreateEventA
SetLastError
CreateFileW
SetEvent
WaitForSingleObject
ReleaseMutex
GetOverlappedResult
ResetEvent
GetProcAddress
user32
EndPaint
GetDlgItemTextA
GetDC
SetTimer
wsprintfA
ShowWindow
EnableMenuItem
SendMessageA
KillTimer
PostQuitMessage
GetMenu
DialogBoxParamA
MessageBeep
PostMessageA
DefWindowProcA
FindWindowA
LoadCursorA
RegisterClassA
UpdateWindow
GetMessageA
TranslateMessage
CheckMenuItem
SetDlgItemTextA
AppendMenuA
GetClientRect
SendDlgItemMessageA
ReleaseDC
SetWindowTextA
EndDialog
MessageBoxA
DeleteMenu
ModifyMenuA
CreateWindowExA
LoadBitmapA
LoadIconA
ExitWindowsEx
DispatchMessageA
BeginPaint
wsprintfW
MessageBoxW
gdi32
GetTextExtentPointA
CreateFontA
GetStockObject
CreateCompatibleDC
DeleteObject
BitBlt
DeleteDC
SelectObject
advapi32
RegQueryValueA
CloseServiceHandle
CreateServiceW
StartServiceW
QueryServiceStatus
OpenServiceW
RegOpenKeyExW
OpenSCManagerW
RegQueryValueExW
RegEnumKeyW
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
shell32
Shell_NotifyIconA
comctl32
ord17
ord6
wsock32
inet_addr
closesocket
bind
htons
WSAAsyncSelect
WSACleanup
WSAStartup
gethostname
sendto
gethostbyname
ioctlsocket
recvfrom
socket
netapi32
Netbios
iphlpapi
GetAdaptersInfo
GetNetworkParams
GetInterfaceInfo
IpReleaseAddress
IpRenewAddress
DeleteIpForwardEntry
GetIpForwardTable
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.WYCao Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ