Static task
static1
Behavioral task
behavioral1
Sample
5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5N.exe
Resource
win10v2004-20240802-en
General
Target: 5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5N.exe
Size: 80KB
MD5: ec85b348568b24ed7a7aec7b29cec520
SHA1: 8783a403a87fe9676f8686fcba0e8fce72a61996
SHA256: 5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5
SHA512: 0a4c8cb0483a3e44ef49fc0f5b0019002b50a258f12366983e38f881e497a7eaba363765dbaabd253a91cf6cdd36d8ddc6eb5caa774869ca19f83b15854452fb
SSDEEP: 1536:n9pZeTgJePO1eAZoxbeGj20ZzZloi5wPYhcxt0hKRkV1qMH8xq:zkg1eks1j2gT+kNpcw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5N.exe
Files
5ad2e1079da314fde75c334d9cd6c3683c33ed6ca5eb76a6cf6bf2602b04d1a5N.exe.exe windows:5 windows x86 arch:x86
1e51879f116875acc43c110bde26f8d6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
GetSysColor
SetWindowPos
PostQuitMessage
GetSubMenu
UnhookWindowsHookEx
EnableMenuItem
GetMessageA
EqualRect
EnumWindows
GetSysColorBrush
FrameRect
GetScrollPos
kernel32
VirtualAllocEx
GetSystemTime
InterlockedExchange
GetFileAttributesA
RtlUnwind
GetOEMCP
ExitProcess
GetTickCount
GetCurrentProcessId
QueryPerformanceCounter
FileTimeToSystemTime
GetACP
GetStartupInfoA
GetThreadLocale
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetTempPathA
gdi32
DPtoLP
CopyEnhMetaFileA
CreateICW
GetMapMode
ExcludeClipRect
CreateCompatibleBitmap
SetViewportExtEx
SelectClipPath
FillRgn
ole32
OleRun
CoCreateInstance
StringFromGUID2
CoInitializeSecurity
DoDragDrop
CoInitialize
StgOpenStorage
CoTaskMemRealloc
CoRevokeClassObject
advapi32
CryptHashData
FreeSid
QueryServiceStatus
RegCreateKeyA
GetUserNameA
RegQueryValueExW
RegCreateKeyExW
CheckTokenMembership
GetSecurityDescriptorDacl
AdjustTokenPrivileges
msvcrt
strncpy
_mbscmp
_strdup
_CIpow
fprintf
_flsbuf
signal
__getmainargs
_lock
__initenv
__setusermatherr
raise
puts
strcspn
_fdopen
fflush
strlen
iswspace
comctl32
InitCommonControls
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_Write
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_LoadImageA
ImageList_GetIcon
ImageList_LoadImageW
ImageList_DragEnter
shell32
CommandLineToArgvW
ShellExecuteW
DragAcceptFiles
ShellExecuteEx
SHBrowseForFolderA
ExtractIconW
ExtractIconExW
DoEnvironmentSubstW
DragQueryFileW
DragQueryFileA
SHGetPathFromIDList
oleaut32
SafeArrayPutElement
SafeArrayUnaccessData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysReAllocStringLen
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE