591d75a0420fbe7b7b0ada87a5c554aff2ad1dea3b480e12bc5569eb8eb52430N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

591d75a0420fbe7b7b0ada87a5c554aff2ad1dea3b480e12bc5569eb8eb52430N.exe
Size

124KB
MD5

e89e11914efca2e1756baa88f275b890
SHA1

d4a438d8d6a7a2cf2a1843c9cf253c4b633e0984
SHA256

591d75a0420fbe7b7b0ada87a5c554aff2ad1dea3b480e12bc5569eb8eb52430
SHA512

c7c25d72c17cc3328685685c7ad4e38a8743edf240dd763127b4376f03acbd20e23e53b1d7f71ea1422cfe8ffa927f974543fecd698faf020e8baffdc799451b
SSDEEP

3072:idlEhjJ79Dapzpv7iaoPuFu65hdmL5X9Uri2:KCaR7iajXHd0th2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
591d75a0420fbe7b7b0ada87a5c554aff2ad1dea3b480e12bc5569eb8eb52430N.exe

Files

591d75a0420fbe7b7b0ada87a5c554aff2ad1dea3b480e12bc5569eb8eb52430N.exe
.dll windows:4 windows x86 arch:x86

ff2aed682dbb69a67a9625626c219530

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
GetSystemTime
GetSystemTimeAsFileTime
GetTimeFormatA
HeapAlloc
MultiByteToWideChar
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsFree
VirtualAlloc
VirtualFree
lstrcmpA
lstrcmpiA
lstrlenA

msvcrt

_snwprintf
printf
fwprintf
exit
__set_app_type
__p__commode
__getmainargs
wcslen

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

userenv

GetProfilesDirectoryW
GetAppliedGPOListW
FreeGPOListW
ExpandEnvironmentStringsForUserW
UnregisterGPNotification

ntdll

RtlLeaveCriticalSection
RtlNtStatusToDosError
RtlInitUnicodeString
NtEnumerateValueKey
NtCreateSection
NtCreateEvent
LdrLoadDll
RtlInitString
RtlFreeUnicodeString
RtlExpandEnvironmentStrings_U
RtlEnterCriticalSection
RtlCreateTagHeap
NtSetValueKey
NtSetInformationProcess
NtQueryDefaultLocale
NtSetEvent

comdlg32

PrintDlgW
PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Draw
ImageList_AddMasked

winmm

midiOutReset
midiStreamOut
mixerGetDevCapsW
mixerGetControlDetailsA
midiOutGetNumDevs
mixerGetLineControlsW
mixerSetControlDetails
mmDrvInstall
mmGetCurrentTask
mmTaskBlock
midiOutOpen
midiOutShortMsg

oleaut32

RevokeActiveObject
OleTranslateColor
OleLoadPicture
OleIconToCursor
ClearCustData
SafeArrayAllocData
SafeArrayCreate
SysReAllocString
SysStringLen
VarBstrCat
VarBstrCmp
RegisterTypeLib

oledlg

OleUIBusyA
OleUIAddVerbMenuA
OleUIBusyW
OleUICanConvertOrActivateAs
OleUIUpdateLinksA
OleUIInsertObjectW
OleUIInsertObjectA
OleUIEditLinksW
OleUIEditLinksA
OleUIConvertW
OleUIChangeSourceW
OleUIChangeSourceA
OleUIChangeIconW
OleUIAddVerbMenuW
OleUIChangeIconA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff2aed682dbb69a67a9625626c219530

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

version

userenv

ntdll

comdlg32

comctl32

winmm

oleaut32

oledlg

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 71KB - Virtual size: 103KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 71KB - Virtual size: 103KB

.rsrc
Size: 20KB - Virtual size: 19KB