Static task: static1
Behavioral task: behavioral1
Sample: d8738ac3c33b71b2b16b8908b3b9e8e0N.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: d8738ac3c33b71b2b16b8908b3b9e8e0N.exe
Resource: win10v2004-20240802-en
General
Target: d8738ac3c33b71b2b16b8908b3b9e8e0N.exe
Size: 6.5MB
MD5: d8738ac3c33b71b2b16b8908b3b9e8e0
SHA1: 125c4d8e58be02394d9b90ddf8f0bc67a8bf08ba
SHA256: 591377f20b54f6e597b795f0db1335c79b4483d8c6606221a72c8d818b1a0a0c
SHA512: ba2734b8c19d8fb60848cb2af8bc1b91fdacd2f0d521e61c4afe3e73d023a689aec78b105a0d210b63b6d3b432648585685ffe2d962b6962bc08070acd0facca
SSDEEP: 98304:O46EhzKEEDdghsxO5PA48d8j/o+5b5WGK+chNl3n9sw7WIeTN3AaPAqw2y2:OrGKEm2sxO5PLASA+J5Wz37WhVYqxy2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d8738ac3c33b71b2b16b8908b3b9e8e0N.exe
Files
d8738ac3c33b71b2b16b8908b3b9e8e0N.exe.exe windows:4 windows x86 arch:x86
ea59cbe3650605d330321f2128488763
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalFileTimeToFileTime
IsDBCSLeadByteEx
SetConsoleMode
FlushFileBuffers
AllocConsole
Beep
ExitProcess
WriteFile
GetCommState
VirtualProtect
SystemTimeToFileTime
GetTempFileNameA
SetTimeZoneInformation
ConnectNamedPipe
SetThreadAffinityMask
FindFirstFileA
SetThreadLocale
IsBadReadPtr
DeleteCriticalSection
TryEnterCriticalSection
CreateDirectoryExA
VirtualUnlock
GlobalAddAtomA
InitializeCriticalSection
WritePrivateProfileStringA
AreFileApisANSI
GetShortPathNameA
user32
TrackPopupMenuEx
ChangeMenuW
CreateAcceleratorTableW
LoadKeyboardLayoutW
SetUserObjectInformationW
EnumWindows
ShowCaret
GetParent
BeginDeferWindowPos
OpenDesktopA
SetMenuInfo
LoadMenuW
wvsprintfW
GetAncestor
CreateDialogIndirectParamW
ScrollWindow
AppendMenuA
CloseDesktop
DispatchMessageW
FillRect
mouse_event
CreateDialogParamA
GetAsyncKeyState
ArrangeIconicWindows
GetMessageW
GetWindowTextW
MenuItemFromPoint
AdjustWindowRect
DefMDIChildProcW
GetTopWindow
InvertRect
GetWindowRect
MessageBeep
InsertMenuItemW
CreateWindowExA
gdi32
SelectObject
CreateHatchBrush
PtVisible
GetCharacterPlacementW
EnumFontFamiliesA
ExcludeClipRect
WidenPath
GetStretchBltMode
SetRectRgn
CreatePolygonRgn
SetBitmapBits
EnumFontFamiliesExA
PolylineTo
comdlg32
PageSetupDlgA
GetFileTitleA
advapi32
RevertToSelf
RegSaveKeyA
CryptSignHashW
LogonUserW
SetFileSecurityW
AddAccessDeniedAce
QueryServiceStatus
RegUnLoadKeyW
CryptReleaseContext
NotifyBootConfigStatus
RegOpenKeyA
GetNamedSecurityInfoW
GetAce
BuildTrusteeWithSidW
FreeSid
CryptGenKey
QueryServiceConfigA
GetPrivateObjectSecurity
GetSecurityDescriptorDacl
AddAccessAllowedAce
RegCreateKeyExA
RegQueryInfoKeyA
LookupPrivilegeNameA
RegisterServiceCtrlHandlerW
AbortSystemShutdownW
GetServiceDisplayNameA
RegEnumKeyW
RegQueryValueA
CryptDestroyKey
CryptGetProvParam
CryptGetUserKey
PrivilegeCheck
SetNamedSecurityInfoA
RegQueryValueExW
IsValidAcl
OpenSCManagerW
shell32
Shell_NotifyIconW
ole32
CoCreateInstance
OleLockRunning
CLSIDFromString
CoTaskMemRealloc
CoFileTimeNow
oleaut32
SafeArrayUnaccessData
comctl32
ImageList_Duplicate
CreatePropertySheetPageA
ImageList_ReplaceIcon
shlwapi
SHRegOpenUSKeyW
PathIsRootW
PathAddExtensionW
StrChrW
PathCanonicalizeA
PathFileExistsW
StrCpyNW
PathRemoveBackslashA
PathFindFileNameA
PathSkipRootW
AssocQueryStringW
SHRegGetUSValueW
SHSetValueW
PathStripPathA
UrlIsW
StrCmpNA
PathCombineW
PathIsRelativeA
msvcrt
isleadbyte
_mbsicmp
_splitpath
getchar
vprintf
_wctime
atol
_ltoa
localtime
fclose
_finite
_fcvt
isspace
putc
mktime
strtol
remove
iswspace
_dup2
_c_exit
_wopen
bsearch
abort
ceil
wcsspn
Sections
.text Size: 8KB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ