cbb97313fca24fd08df26b8382924b50N[.]exe

General

Target

cbb97313fca24fd08df26b8382924b50N.exe
Size

88KB
MD5

cbb97313fca24fd08df26b8382924b50
SHA1

e01ac5cdbea7899d367352379964fa3c77075aff
SHA256

7123599b9214757ca889d78677f06b349c2d1c666313beb226878a6a3a213c4e
SHA512

27bfc236024c2936589cc706f760e90ca175461c1d157d0d49515bb3e2142bc3769c40b96cde7015aaae74e5a9a9cfd728cf851fb4625c0508853d16b5647263
SSDEEP

1536:IDvdWT3gJjM6l8BEMJE+bXwdO9+kZj9q3eJghun3s2a76kyPp289DqSPsYoJOWJ6:0kT+YosnXw09+kRE5hu3s2aByR9TsYow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbb97313fca24fd08df26b8382924b50N.exe

Files

cbb97313fca24fd08df26b8382924b50N.exe
.exe windows:4 windows x86 arch:x86

11937efa457cdc7049c3ede89a429b7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
lstrcmpiA
LoadLibraryA
GetProcAddress
GetVersion
CloseHandle
GetFileSize
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
DeviceIoControl
GetTickCount
FindResourceA
QueryPerformanceCounter
LoadResource
TlsAlloc
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetStringTypeW

user32

DispatchMessageA
EndPaint
BeginPaint
wsprintfA
GetSystemMetrics
LoadIconA
GetClientRect
LoadCursorA
LoadAcceleratorsA
GetMessageA
FindWindowA
TranslateMessage
TranslateAcceleratorA
RegisterClassExA
PostQuitMessage
MessageBoxA
CreateWindowExA
ShowWindow
UpdateWindow
LoadStringA
DestroyWindow
DefWindowProcA

gdi32

Rectangle
TextOutA
CreateBitmap

advapi32

RegSetValueExW
RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoTaskMemAlloc

shlwapi

PathFileExistsA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11937efa457cdc7049c3ede89a429b7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 10KB