9b4ebe91157685cb6c86d3faf83161454746708680c25d7f44473dd4e94b1e2cN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9b4ebe91157685cb6c86d3faf83161454746708680c25d7f44473dd4e94b1e2cN.exe
Size

460KB
MD5

ebe08c88f6adaf9d3ace35fa76f9c2a0
SHA1

50582dbcf4245ddf29f2f7302cac63222c1d09da
SHA256

9b4ebe91157685cb6c86d3faf83161454746708680c25d7f44473dd4e94b1e2c
SHA512

6c254a5878a53ff5415c2a765c6f6ae19535abd1b802e8668767f06a6c2d8b65ea4b6ca5cc726592fec79e9d6074081cd66a8948650b91a8a6b9a5c9aaa38e78
SSDEEP

12288:y/WQd+hbvmpq4hNIVIlu1HGjxc5Em5shebBbeR:y/WMM7mzhmIoH8ymmqkb9e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b4ebe91157685cb6c86d3faf83161454746708680c25d7f44473dd4e94b1e2cN.exe

Files

9b4ebe91157685cb6c86d3faf83161454746708680c25d7f44473dd4e94b1e2cN.exe
.exe windows:5 windows x86 arch:x86

1d6ca92d8335c52b2b5a79f2dce5b0a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LoadLibraryExW
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateFileW
GlobalLock
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
WaitForMultipleObjects
SetEvent
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetVersion
SetEndOfFile
GlobalAlloc
lstrcpynA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetProcAddress
GetCPInfo
lstrcmpiA
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
LockResource
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
TlsGetValue
RtlUnwind
GetACP
GetModuleHandleW
GetCurrentThreadId
GetEnvironmentStrings
CreateProcessA
UnmapViewOfFile
VirtualFree
Sleep
FindResourceA
WriteConsoleA
VirtualAlloc

user32

SendMessageA
LoadIconA
ClientToScreen
GetDlgItem
CheckMenuItem
SetWindowTextA
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
GetSystemMetrics
KillTimer
BeginPaint
SetFocus
DispatchMessageA
FillRect
CreateWindowExA
GetSubMenu
RegisterClassA
EnableMenuItem
LoadStringA
IsWindowEnabled
TranslateMessage
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
ScreenToClient
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
MapWindowPoints
ReleaseDC
MoveWindow
MessageBoxA
GetSysColor
SystemParametersInfoA
InvalidateRect
wsprintfA
GetClientRect
CallWindowProcA
SetCursor
SetForegroundWindow

gdi32

SelectObject
CreateCompatibleDC
SetTextColor
GetStockObject
DeleteDC
GetDeviceCaps
DeleteObject
SetBkColor
BitBlt
CreateSolidBrush

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d6ca92d8335c52b2b5a79f2dce5b0a9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 408KB - Virtual size: 405KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 704B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 408KB - Virtual size: 405KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 704B