ee69289754bfbde9b8a5743afd0c4d00N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ee69289754bfbde9b8a5743afd0c4d00N.exe
Size

145KB
MD5

ee69289754bfbde9b8a5743afd0c4d00
SHA1

e34d661db50470387bc50b1761f4e9d9f04e0010
SHA256

3442c825190e4c68309646c3e56822928d4018718f3813f32e7b5d0679277a13
SHA512

51d160a91c7967f22e0c3e57cd8ac2b490673bfe8f84a280750303f40ec5c32b586386566f999372521bcc49877ffbe5f2ae94c0d05c6cea07ecc3ea3a4f0ae6
SSDEEP

3072:dGFu9FnDPdr4smOcxPWz2lQBV+UdE+rECWp7hKTwzNh:EFunDPdr4vhaBV+UdvrEFp7hKUzn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee69289754bfbde9b8a5743afd0c4d00N.exe

Files

ee69289754bfbde9b8a5743afd0c4d00N.exe
.dll windows:5 windows x86 arch:x86

7cbc3d9695efb1ddc5ff341b58ce242e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\QuickMenu\Project\Downloader\Release\CNMDWLD.pdb

Imports

wininet

InternetCrackUrlW

shell32

SHCreateDirectoryExW

kernel32

FlushFileBuffers
GetLocalTime
GetTempFileNameW
GetTempPathW
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
GetStringTypeW
LCMapStringW
WriteConsoleW
GetLastError
HeapFree
GetCurrentThreadId
DecodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
HeapAlloc
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetProcAddress
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WriteFile
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapReAlloc
LoadLibraryW
SetStdHandle

user32

PostMessageW
IsWindow

ole32

CoCreateInstance

Exports

Exports

DLAPI_AddFileSet
DLAPI_Cancel
DLAPI_CreateJob
DLAPI_DeleteAllJobs
DLAPI_DeleteJob
DLAPI_FinishJob
DLAPI_GetDownloadState
DLAPI_GetNotifyFlags
DLAPI_GetPriority
DLAPI_Initialize
DLAPI_RegisterNotifyWnd
DLAPI_RemoveCredentials
DLAPI_SetCredentials
DLAPI_SetNotifyFlags
DLAPI_SetPriority
DLAPI_StartJob
DLAPI_Uninitialize

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cbc3d9695efb1ddc5ff341b58ce242e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

shell32

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB