71f549c33244d47226760fc4e81ecbf0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

71f549c33244d47226760fc4e81ecbf0N.exe
Size

4.2MB
MD5

71f549c33244d47226760fc4e81ecbf0
SHA1

51eb2319c82d15e8dc970d99b4dd450ec33e848f
SHA256

5463b9f77a50d1fbc48230d14ff27b8b97c5669a3b8e2c307f2e4d753879f249
SHA512

99e6adaad65c7a1cd194aad25d68dd333cb50adfaa1f9cef6f7293431673efd56efa57d3f3590faa7bb777056b4983a9a03905ad397df99bcdb7bdf699fca27f
SSDEEP

98304:KdQnrNic2KOlGl90ZssSNjjDXSWGoUgbqJqC6UGAsH:KdQngcJ9at+LXHGo5RFA0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f549c33244d47226760fc4e81ecbf0N.exe

Files

71f549c33244d47226760fc4e81ecbf0N.exe
.exe windows:4 windows x86 arch:x86

381bc84caa4a92ec01d32ea15bbd98a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
VirtualProtect
GlobalUnlock
GetExitCodeProcess
lstrcmpA
GlobalReAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
ReleaseMutex
CreateMutexA
OpenMutexA
MultiByteToWideChar
CreateProcessA
IsDBCSLeadByte
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MoveFileExA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
GetLastError
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
InitializeCriticalSection
SetFileAttributesA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
HeapSize
GetStdHandle
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapFree
GetCommandLineA
HeapAlloc
WriteConsoleW
RtlUnwind
RaiseException
InterlockedExchange
SetLastError
DosDateTimeToFileTime
LocalFileTimeToFileTime
ReadFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
GlobalAlloc
LocalSize
GlobalLock
GlobalSize
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
Sleep
LocalAlloc
LocalFree
WriteFile
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcmpiA
GetModuleFileNameA
GetDriveTypeA
CreateFileA
SetFilePointer
GetFileSize
CloseHandle
lstrcpynA
GetModuleHandleA
GlobalFree
lstrcpyA
GetTickCount
GetLocaleInfoA
lstrlenA

user32

IsWindowVisible
IsIconic
IsWindow
ExitWindowsEx
GetSystemMetrics
ScreenToClient
LoadStringA
MessageBoxA
SetCursor
GetSysColor
DestroyWindow
SystemParametersInfoA
SetPropA
MapDialogRect
DialogBoxParamA
SetFocus
GetWindowLongA
SetTimer
GetCursorPos
GetScrollInfo
KillTimer
SetRect
SetRectEmpty
GetSysColorBrush
EnableWindow
SendDlgItemMessageA
DrawTextExA
CheckDlgButton
GetParent
PostMessageA
IsDlgButtonChecked
FillRect
GetWindowTextA
DrawTextA
CallWindowProcA
CreateDialogParamA
SetWindowPos
PeekMessageA
TranslateMessage
DispatchMessageA
IsDialogMessageA
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
GetSystemMenu
EnableMenuItem
PostQuitMessage
GetDC
ReleaseDC
BeginPaint
EndPaint
SendMessageA
IsZoomed
DefWindowProcA
MessageBeep
SetWindowLongA
UpdateWindow
InvalidateRect
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
ShowWindow
wsprintfA
SetDlgItemTextA
SetClassLongA
SetWindowTextA
GetClientRect
PtInRect
LoadCursorA
LoadBitmapA

gdi32

CreateCompatibleDC
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreatePen
SelectObject
CreateSolidBrush
Rectangle
DeleteObject
SetBkMode
CreateFontIndirectA
TextOutA
BitBlt
SetBkColor
GetStockObject
SetTextAlign
CreateRectRgn
CreateBrushIndirect
CreateFontA
GetTextFaceA
CreateDIBitmap
StretchBlt
SetStretchBltMode
SetTextColor
SelectClipRgn
GetDeviceCaps

shell32

ShellExecuteA
SHChangeNotify
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

comctl32

CreatePropertySheetPageA
PropertySheetA
ord8
ord17

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

381bc84caa4a92ec01d32ea15bbd98a5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 123KB

.rsrc Size: 116KB - Virtual size: 112KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 123KB

.rsrc
Size: 116KB - Virtual size: 112KB