2b59788bc38fbc976cf30c30c21c4e80N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2b59788bc38fbc976cf30c30c21c4e80N.exe
Size

264KB
MD5

2b59788bc38fbc976cf30c30c21c4e80
SHA1

e1ab3b52aac8a38ece2c01145a5a527f8ba5302a
SHA256

86adc5c2dfa97ae5f72d87b3691c6b0d2888d6c5603fc4114d2502bed7d1705f
SHA512

95a81b47d3ecfbeda234673daae9e244c4d894a7e66bd65ae962da76fb3f35c0c0731cced06956b0dded6ac98e925b3ffaf54fb67b9c31260159fce4da85e578
SSDEEP

1536:YjedwCb7Ii58rqwaP3Jgj4uR6z4NOn8FjGfUI5qcyQPFlfCeHcNr:bdwCbP3JbScXNlfCeHcNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b59788bc38fbc976cf30c30c21c4e80N.exe

Files

2b59788bc38fbc976cf30c30c21c4e80N.exe
.exe windows:4 windows x86 arch:x86

4ba35aba78b50bcce19a281555291471

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord6142
ord293
ord3811
ord3337
ord641
ord540
ord2818
ord800
ord500
ord5860
ord472
ord5606
ord772
ord1641
ord3573
ord3693
ord3626
ord3663
ord4133
ord4297
ord2414
ord5788
ord5787
ord825
ord3571
ord640
ord2405
ord5785
ord1640
ord323
ord2859
ord2864
ord823

msvcrt

rand
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
_initterm
__p__fmode
__set_app_type
__p__commode
_controlfp
_acmdln
_XcptFilter
?terminate@@YAXXZ
_except_handler3
__getmainargs
_exit
exit
srand
sscanf
_ftol

kernel32

GetCommandLineA
Sleep
UnhandledExceptionFilter
GetVersionExA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetTickCount
ExitProcess
GetStartupInfoA

user32

DispatchMessageA
CreateWindowExA
RegisterClassA
GetClientRect
TranslateMessage
GetMessageA
GetWindow
SendMessageA
PeekMessageA
CharNextA
PostQuitMessage
GetParent
PostMessageA
LoadIconA
IsWindow
GetCursorPos
SystemParametersInfoA
SetTimer
GetForegroundWindow
KillTimer
GetDlgItemInt
EndDialog
wsprintfA
IsWindowVisible
SetDlgItemTextA
GetWindowRect
SetForegroundWindow
FindWindowA
DialogBoxParamA
GetDesktopWindow
GetDC
ReleaseDC
PtInRect
RegisterWindowMessageA
DefWindowProcA
SetCursor
GetTopWindow

gdi32

GetStockObject
Rectangle
GetClipBox
SelectObject
MoveToEx
LineTo
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreatePen
CreateSolidBrush

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xur
Size: 1B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ba35aba78b50bcce19a281555291471

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 216KB - Virtual size: 215KB

.rsrc Size: 8KB - Virtual size: 7KB

.xur Size: 1B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 216KB - Virtual size: 215KB

.rsrc
Size: 8KB - Virtual size: 7KB

.xur
Size: 1B - Virtual size: 4KB