720f93b051aec39a15c9b3bda22b5630N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

720f93b051aec39a15c9b3bda22b5630N.exe
Size

188KB
MD5

720f93b051aec39a15c9b3bda22b5630
SHA1

d1678f0245d7e2768a8bbfdb9a02a2629c91daf2
SHA256

202c458560ed15f00b02bab0eebd1c2ec2daf895a929b5438d3bf93c97e73845
SHA512

02b4f7dd0bc9dabc3562f10db5a1f2ae86069c346fd73fb611de903d643a6546757c0d2fb1ca32b11c4786b2db390eb94f9abbd4f5825dde0d7662ef69eb8158
SSDEEP

768:Q5NMQcR0eOcYVeRUds5unNfZz0EPruEJ3yyUERAZiSAzoRUK9s01WLavL:QrMQ+k/nNBxTJ/UE9SKoJ9s0kcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
720f93b051aec39a15c9b3bda22b5630N.exe

Files

720f93b051aec39a15c9b3bda22b5630N.exe
.dll regsvr32 windows:4 windows x86 arch:x86

6d954d26a5af92264e957c6d5a21bc50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
lstrlenA
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
OutputDebugStringA
GetLocalTime
CreateDirectoryA
GetLastError
SetLastError
CloseHandle
WaitForSingleObject
LocalFree
Sleep

user32

GetWindowLongA
DefWindowProcA
RegisterClassA
CreateWindowExA
SetWindowLongA
CharNextA
PostMessageA
DestroyWindow

ole32

CoCreateInstance

oleaut32

VariantClear
SysAllocStringLen
SysStringLen
LoadRegTypeLi
RegisterTypeLi
SysAllocString
LoadTypeLi
SysFreeString
CreateErrorInfo
VariantChangeType
SetErrorInfo
VariantInit
GetErrorInfo

multicastdll

?SetTTL@CMulticastSockServer@@QAE_NH@Z
?sendto@CMulticastSockServer@@QAE_NPBDHI0@Z
??0CMulticastSockServer@@QAE@XZ
?Initialize@CMulticastSockServer@@QAE_NIPBD@Z
??1CMulticastSockServer@@QAE@XZ
??1CMulticastSockClient@@QAE@XZ
?close@CMulticastSockClient@@QAEXXZ
??0CMulticastSockClient@@QAE@XZ
?Initialize@CMulticastSockClient@@QAE_NIPBD@Z
?JoinMulticast@CMulticastSockClient@@QAE_NPBD@Z
?recvfrom@CMulticastSockClient@@QAE_NPADAAH0H@Z

msvcp60d

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

msvcrtd

?terminate@@YAXXZ
_except_handler3
_CxxThrowException
wcslen
free
_beginthreadex
fprintf
fflush
_mbscmp
_mbsnbcpy
fclose
strrchr
_snprintf
malloc
memset
realloc
_vsnprintf
_purecall
memcmp
__CxxFrameHandler
_CrtDbgReport
??2@YAPAXI@Z
memcpy
__dllonexit
_onexit
_initterm
_malloc_dbg
_adjust_fdiv
??1type_info@@UAE@XZ
_free_dbg
_chkesp
fopen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d954d26a5af92264e957c6d5a21bc50

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

multicastdll

msvcp60d

msvcrtd

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB