89c38244e68c4196fda08cfaade1a3a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

89c38244e68c4196fda08cfaade1a3a0N.exe
Size

288KB
MD5

89c38244e68c4196fda08cfaade1a3a0
SHA1

5db9cc38f5c1f3e43ebcce4facdfcc58a9da09bc
SHA256

d4359af42f1b96d54b4ca45275e05323932b65b154d2489d46b008c71d78867e
SHA512

3b175912a1b2fad1313a2b18ef0a11387f1857be3982f145447bdfaecd88e5b9aa9830bfc8a240ba2fa3396d1dba1d6bff2f53ad0a595651f7d5b7387197d5ab
SSDEEP

3072:umODCPbdQXO1CqKcH4kvXWGXaIKoYLKAsV2juCfqJfI9pVHEglXHpHdYhvOxcoj6:BPbdncq6k/5XaIVY2qCAHBHFdY4DdPb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89c38244e68c4196fda08cfaade1a3a0N.exe

Files

89c38244e68c4196fda08cfaade1a3a0N.exe
.exe windows:4 windows x86 arch:x86

013fb9f763ece3a9636b1162c9e99fb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
ResetEvent
lstrcatA
CreateFileA
WriteFile
GetFileSize
ReadFile
lstrcmpA
lstrlenA
OutputDebugStringA
GetPrivateProfileStringA
WritePrivateProfileStringA
WaitForSingleObject
Sleep
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
CreateEventA
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetLastError
TlsAlloc
GetProcAddress
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleFileNameA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
GetLastError
GetStringTypeW
ExitThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
CreateThread
RtlUnwind
CloseHandle

user32

SetForegroundWindow
GetLastActivePopup
FlashWindowEx
GetCursorPos
ScreenToClient
ShowWindow
IsIconic
GetPropA
EnumWindows
SetWindowPos
SetWindowRgn
InvalidateRect
InvalidateRgn
RegisterClassExA
LoadCursorA
LoadIconA
CreateWindowExA
SendMessageA
RemovePropA
SetWindowLongA
GetWindowLongA
SetPropA
DefWindowProcA
CallWindowProcA
DestroyWindow
EndDialog
ReleaseDC
GetDC
GetClientRect
MapWindowPoints
MoveWindow
GetKeyState
CheckDlgButton
GetWindowTextLengthA
MessageBeep
GetSysColor
LoadStringA
MessageBoxA
wsprintfA
SetWindowTextA
GetWindow
GetWindowTextA
IsDlgButtonChecked
SetTimer
DialogBoxParamA
KillTimer
GetDlgItem
EnableWindow
GetParent
CreateDialogParamA
DestroyCursor
SetRect
ReleaseCapture
SetFocus
PostMessageA
SetCapture
SetCursor
LoadImageA
CopyIcon
BeginPaint
EndPaint
GetDesktopWindow

gdi32

SetBkColor
BitBlt
CreateCompatibleDC
CreateDIBSection
ExtCreateRegion
SelectObject
SetTextColor
DeleteObject
GetStockObject
CreateRectRgn
CombineRgn
DeleteDC

comdlg32

GetOpenFileNameA

sonynetworkcamera2

ippMalloc
ippiYCCKToCMYK_JPEG_8u_P4C4R
ippiYCbCrToBGR_JPEG_8u_P3C3R
ippiYCbCrToRGB_JPEG_8u_P3C3R
ippiCopy_8u_C1R
ippiCopy_8u_P3C3R
ippiCopy_8u_P4C4R
ippiSampleUpH2V2_JPEG_8u_C1R
ippiSampleUpH2V1_JPEG_8u_C1R
ippsCopy_8u
ippiDCTQuantInv8x8LS_JPEG_16s8u_C1R
ippiDecodeHuffman8x8_JPEG_1u16s_C1
ippiDecodeHuffman8x8_DCRefine_JPEG_1u16s_C1
ippiDecodeHuffman8x8_DCFirst_JPEG_1u16s_C1
ippiDecodeHuffman8x8_ACRefine_JPEG_1u16s_C1
ippiDecodeHuffman8x8_ACFirst_JPEG_1u16s_C1
ippAlignPtr
ippiQuantInvTableInit_JPEG_8u16u
ippiEncodeHuffmanSpecInitAlloc_JPEG_8u
ippiEncodeHuffmanSpecFree_JPEG_8u
ippiEncodeHuffmanStateFree_JPEG_8u
ippsZero_8u
ippiEncodeHuffman8x8_JPEG_16s1u_C1
ippiEncodeHuffman8x8_ACRefine_JPEG_16s1u_C1
ippiEncodeHuffman8x8_ACFirst_JPEG_16s1u_C1
ippiEncodeHuffman8x8_DCRefine_JPEG_16s1u_C1
ippiEncodeHuffman8x8_DCFirst_JPEG_16s1u_C1
ippiEncodeHuffmanStateInitAlloc_JPEG_8u
ippiCMYKToYCCK_JPEG_8u_C4P4R
ippiBGRToYCbCr_JPEG_8u_C3P3R
ippiRGBToYCbCr_JPEG_8u_C3P3R
ippiRGBToY_JPEG_8u_C3C1R
ippiCopy_8u_C3P3R
ippiCopy_8u_C4P4R
ippiSampleDownH2V2_JPEG_8u_C1R
ippiSampleDownH2V1_JPEG_8u_C1R
ippiDCTQuantFwd8x8LS_JPEG_8u16s_C1R
ippiQuantFwdTableInit_JPEG_8u16u
ippiQuantFwdRawTableInit_JPEG_8u
ippFree
ippiDecodeHuffmanSpecFree_JPEG_8u
ippiDecodeHuffmanSpecInitAlloc_JPEG_8u
ippiDecodeHuffmanStateFree_JPEG_8u
ippiDecodeHuffmanStateInit_JPEG_8u
ippiDecodeHuffmanStateInitAlloc_JPEG_8u
ippiEncodeHuffmanStateInit_JPEG_8u

ws2_32

WSACreateEvent
WSAEventSelect
inet_addr
gethostbyname
htons
WSACloseEvent
setsockopt
socket
htonl
bind
sendto
recvfrom
connect
WSAGetLastError
send
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAStartup
WSACleanup
shutdown
recv
closesocket

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime

comctl32

ord17

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

013fb9f763ece3a9636b1162c9e99fb1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

sonynetworkcamera2

ws2_32

version

winmm

comctl32

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 44KB - Virtual size: 64KB

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 44KB - Virtual size: 64KB