3218ddb527630e9a17211da8dc1d5252f957134e7010af9ec2657c449211c1fdN[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3218ddb527630e9a17211da8dc1d5252f957134e7010af9ec2657c449211c1fdN.exe
Size

845KB
MD5

ec21971e1cbc38f4d3a3c45d217c72b0
SHA1

37acf3ac927cbf0df10398dfe704ba7bbfc3137f
SHA256

3218ddb527630e9a17211da8dc1d5252f957134e7010af9ec2657c449211c1fd
SHA512

f3e6e6a9387e68bde3530acbd38c30980021572c4e1c98a27f71731af8c5bbd5c581aec3818dbc0f5dddf4f3c671f6c9cde854ba415cfd6bfb0ecfdff5c6cb05
SSDEEP

12288:ip7Tv4/gpEO8Zl7LphhWzY1aqVLjpkcleHKDroXK7OcucH+fOkEXRTrC6/mdD0o:I7Tv4oOh4qVLjpknH87Oc5/mdD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3218ddb527630e9a17211da8dc1d5252f957134e7010af9ec2657c449211c1fdN.exe

Files

3218ddb527630e9a17211da8dc1d5252f957134e7010af9ec2657c449211c1fdN.exe
.exe windows:4 windows x86 arch:x86

a9fc2500fb6062c699f2a5fb06331cc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

accept
listen
WSAGetLastError
send
recv
connect
htonl
__WSAFDIsSet
htons
bind
setsockopt
ioctlsocket
closesocket
WSAStartup
socket
select
gethostbyname

kernel32

GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
FindNextFileA
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
GlobalSize
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
CreateThread
ExitThread
HeapAlloc
GetSystemTime
GetLocalTime
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
FatalAppExitA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
TlsAlloc
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
InterlockedExchange
ReadFile
CloseHandle
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreatePipe
GetModuleFileNameA
ExitProcess
WinExec
CopyFileA
Sleep
Process32Next
TerminateProcess
OpenProcess
Process32First
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
CreateToolhelp32Snapshot
DeleteFileA
WriteFile
SetFilePointer
CreateFileA
GetTickCount
WideCharToMultiByte
lstrlenA
GetCurrentProcess
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetLastError
SetLastError
lstrcpynA
lstrlenW
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
LocalFree
GlobalFree
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FormatMessageA
SetHandleCount

user32

DrawTextA
GrayStringA
LoadStringA
LoadCursorA
SetCapture
ReleaseCapture
WaitMessage
GetWindowThreadProcessId
WindowFromPoint
GetClassNameA
PtInRect
InsertMenuA
DeleteMenu
GetMenuStringA
GetSysColorBrush
GetDialogBaseUnits
DestroyMenu
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
AppendMenuA
RemoveMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
DestroyIcon
ClientToScreen
wvsprintfA
CharNextA
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
CharUpperA
GetDesktopWindow
MapDialogRect
SetWindowContextHelpId
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
TabbedTextOutA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
SetScrollInfo
GetDC
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
OemToCharA
CharToOemA
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
SetTimer
EnableWindow
ShowWindow
LoadIconA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
RemovePropA

gdi32

SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
StartDocA
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
DPtoLP
LPtoDP
CopyMetaFileA
CreateDCA
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DeleteDC
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextExtentPointA
BitBlt
CreateCompatibleDC
DeleteObject
CreateDIBitmap
CreateBitmap

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegCreateKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
OleRun
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
ReleaseStgMedium

olepro32

ord253

oleaut32

SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
SysAllocStringLen
SysFreeString
VariantClear

wininet

InternetCanonicalizeUrlA
InternetGetCookieA
InternetSetCookieA
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCrackUrlA
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetConnectA
InternetSetFilePointer

Sections

.text
Size: 438KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 291KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9fc2500fb6062c699f2a5fb06331cc3

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 438KB - Virtual size: 438KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 29KB - Virtual size: 47KB

.rsrc Size: 291KB - Virtual size: 292KB

.text
Size: 438KB - Virtual size: 438KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 29KB - Virtual size: 47KB

.rsrc
Size: 291KB - Virtual size: 292KB