4dd72211b0dbe1580df864d6ba60e5f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4dd72211b0dbe1580df864d6ba60e5f0N.exe
Size

6.7MB
MD5

4dd72211b0dbe1580df864d6ba60e5f0
SHA1

161a59771b98c307d63431d746abe3f3c966bbf1
SHA256

44a2c3703934f280fc32f938c3500f895aa48ac7a7b2b0380c1a759a02329fd0
SHA512

c0085cec80e1983b58a99103b12741015172c0cd233779b2fb5bf41bb33c772590e8bbffb3938bba2945fb5aee3e1df58568b1c6111912a93e06f5f7cce11e7f
SSDEEP

196608:xqopyOja365CWfKfTYcr/Fqq+K4qpm9u+fUSMHse:/Xfro/0q9vm9u+8S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dd72211b0dbe1580df864d6ba60e5f0N.exe

Files

4dd72211b0dbe1580df864d6ba60e5f0N.exe
.exe windows:4 windows x86 arch:x86

5d489adb643fdf71639013f7fd503d08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\MDM\Zinc3\WrapperPC\Release\WrapperPC.pdb

Imports

ddraw

DirectDrawCreate

comctl32

ord17

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeEndPeriod
timeSetEvent

kernel32

LoadResource
FindResourceW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
GetModuleHandleA
GetCurrentProcess
VirtualProtect
lstrcmpiA
lstrlenA
VirtualQuery
GetTickCount
FlushInstructionCache
VirtualAlloc
CreateFileMappingA
CreateFileA
VirtualFree
GetCurrentDirectoryA
lstrcmpA
GetUserDefaultLCID
GetSystemDefaultLCID
lstrcpyA
lstrcpyW
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
SetCurrentDirectoryA
GetModuleFileNameA
GetVersion
GetFileType
GetStdHandle
QueryPerformanceCounter
GlobalMemoryStatus
FlushConsoleInputBuffer
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LockResource
IsValidLocale
EnumSystemLocalesA
SetStdHandle
FlushFileBuffers
SetFilePointer
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
IsBadWritePtr
HeapCreate
HeapDestroy
GetDriveTypeA
GetSystemInfo
HeapSize
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
SetConsoleCtrlHandler
HeapReAlloc
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapFree
GetStartupInfoW
HeapAlloc
GetFullPathNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
TerminateProcess
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
SizeofResource
LoadLibraryW
GetProcAddress
GetSystemTime
GetModuleFileNameW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
GetTempPathW
GetCurrentProcessId
GetCurrentThreadId
CreateDirectoryW
FreeLibrary
MulDiv
GetEnvironmentVariableW
GetCommandLineW
SetEnvironmentVariableW
OutputDebugStringA
LocalAlloc
LocalFree
ReadFile
CreateEventW
CreateThread
OutputDebugStringW
GetModuleHandleW
GlobalReAlloc
GetLastError
SetEvent
WaitForSingleObject
GetExitCodeThread
TerminateThread
CreateFileW
GetFileSize
MapViewOfFile
UnmapViewOfFile
CloseHandle
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
IsValidCodePage

user32

DrawTextA
GetUpdateRect
InvalidateRgn
GetWindowLongA
FillRect
CreateAcceleratorTableA
GetParent
LookupIconIdFromDirectory
CreateIconFromResource
RegisterClassExA
wsprintfA
DefWindowProcA
GetWindowLongW
SetWindowLongW
ReleaseDC
GetWindow
RegisterWindowMessageA
GetUserObjectInformationW
SetTimer
KillTimer
DialogBoxParamW
GetDlgItem
EndDialog
GetDesktopWindow
ClientToScreen
SetForegroundWindow
TrackPopupMenu
PostMessageW
LoadImageW
PeekMessageW
LoadIconW
IsChild
GetFocus
DestroyAcceleratorTable
CallWindowProcA
SetWindowLongA
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
SetDlgItemTextW
LoadMenuIndirectA
SetWindowsHookExW
GetDC
MessageBoxW
GetProcessWindowStation
MessageBoxA
SendMessageA
LoadCursorW
RegisterClassExW
CopyRect
GetMenu
BeginPaint
EndPaint
CheckMenuItem
EnableMenuItem
DefWindowProcW
AppendMenuW
CreatePopupMenu
InsertMenuW
IsWindowEnabled
GetMessageW
TranslateMessage
DispatchMessageW
EnumDisplayMonitors
DeleteMenu
DestroyMenu
DrawMenuBar
GetCursorPos
CallWindowProcW
SystemParametersInfoW
GetWindowTextW
GetMenuStringW
SetWindowTextW
GetSubMenu
InvalidateRect
AdjustWindowRectEx
GetClientRect
UpdateWindow
CreateMenu
SetMenu
EnableWindow
RedrawWindow
IsWindowVisible
ReleaseCapture
SetCapture
CreateWindowExW
DestroyWindow
MoveWindow
SetFocus
SetWindowRgn
SetRect
SetLayeredWindowAttributes
SendMessageW
GetWindowRect
GetSystemMetrics
ShowWindow
SetWindowPos
UnregisterClassA

gdi32

SetViewportOrgEx
StartDocW
GetTextMetricsW
SetMapMode
GetStockObject
TextOutW
CreateDIBitmap
StretchBlt
CreateDCA
GetRgnBox
SelectClipRgn
CreateRectRgnIndirect
EndPage
EndDoc
CreateSolidBrush
Rectangle
CreateDIBSection
ExtCreateRegion
CombineRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectW
DeleteDC
DeleteObject
GetDeviceCaps
BitBlt

comdlg32

PageSetupDlgW
PrintDlgW

advapi32

RegCreateKeyExW
RegFlushKey
RegSetValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHFileOperationW
Shell_NotifyIconW
CommandLineToArgvW
DragQueryFileW
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
OleLockRunning
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d489adb643fdf71639013f7fd503d08

Headers

File Characteristics

PDB Paths

Imports

ddraw

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 784KB - Virtual size: 784KB

.rdata Size: 200KB - Virtual size: 200KB

.data Size: 80KB - Virtual size: 104KB

.rsrc Size: 5.7MB - Virtual size: 5.7MB

.text
Size: 784KB - Virtual size: 784KB

.rdata
Size: 200KB - Virtual size: 200KB

.data
Size: 80KB - Virtual size: 104KB

.rsrc
Size: 5.7MB - Virtual size: 5.7MB