c5b66fea393db9909a93bc8b12cd6d90N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c5b66fea393db9909a93bc8b12cd6d90N.exe
Size

2.3MB
MD5

c5b66fea393db9909a93bc8b12cd6d90
SHA1

b0e838cb5a1cb19628455675902604c7deec5399
SHA256

0129c90aef572870e1db792f02b4aa08d9006564b87acab526b271287ab87464
SHA512

01a14e4e6ffbef4e1f17718ffafe239b06cccd57809be5fd1f9fdab2080f6aa7911aa5d5793e7ee89af8bb037745f4a89e7e18cadec550e61c092e66b85797c0
SSDEEP

49152:cF9KsSkYCOSf9GyCbcmdhnFTpiku//Azdg0V8+u0:cF0sSkYCOSFGyCbVdhriku//A518N0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5b66fea393db9909a93bc8b12cd6d90N.exe

Files

c5b66fea393db9909a93bc8b12cd6d90N.exe
.exe windows:4 windows x86 arch:x86

930faff35ccca6110fa890bcfbd8d691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetContext

kernel32

CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateMutexW
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EnumResourceLanguagesW
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
ConvertDefaultLocale
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
GetEnvironmentVariableA
GetCurrentProcess
GetVersion
RtlUnwind
CompareStringW
CompareStringA
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GlobalHandle

user32

GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
InflateRect
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
GetCursorPos
PtInRect
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WindowFromPoint
WinHelpW
MessageBoxA
GetDlgCtrlID
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
CharUpperW
GetClientRect
DrawTextExW
DrawIcon
DispatchMessageW
DestroyWindow
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
FindWindowW
FillRect
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
PostThreadMessageW
DrawTextW
DestroyMenu

winspool.drv

StartPagePrinter
OpenPrinterW
ClosePrinter
DocumentPropertiesW

comdlg32

ChooseColorA
CommDlgExtendedError

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW
RegQueryValueW

shell32

DragQueryFileW
CommandLineToArgvW
DragFinish

oleaut32

VariantInit

shlwapi

PathAddBackslashW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathIsUNCW
PathAppendW
PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW

Sections

.text
Size: 760KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_xhead_3
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_vhead_3
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

930faff35ccca6110fa890bcfbd8d691

Headers

File Characteristics

Imports

imm32

kernel32

user32

winspool.drv

comdlg32

advapi32

shell32

oleaut32

shlwapi

Sections

.text Size: 760KB - Virtual size: 757KB

_xhead_3 Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 120KB - Virtual size: 120KB

_vhead_3 Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 760KB - Virtual size: 757KB

_xhead_3
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 120KB - Virtual size: 120KB

_vhead_3
Size: 1.4MB - Virtual size: 1.4MB