408023671a9857e42aa0945b83c667ba2b4bd458c97d03be1220bb6b63d7aefcN[.]exe

General

Target

408023671a9857e42aa0945b83c667ba2b4bd458c97d03be1220bb6b63d7aefcN.exe
Size

207KB
MD5

eaa97e865f670ddc71c5f5f11458bbe0
SHA1

6043365fd12de995fd7d2ffd800fc0e8135e9339
SHA256

408023671a9857e42aa0945b83c667ba2b4bd458c97d03be1220bb6b63d7aefc
SHA512

ddaf9adb06119d9ac127bdec9b4e5a70f86721683852300b1ab0ff8aa4d989760c989f6ccd353f04180432320ff9ca7afdba881b7f49389e94dd3389e152e9ce
SSDEEP

6144:qM1pNHjExfP9qwK+N6PTAIBpO06u4Oxb1fBg0aUWY4XV:qM1nHjqflqk2pO06tO91pg0bW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
408023671a9857e42aa0945b83c667ba2b4bd458c97d03be1220bb6b63d7aefcN.exe

Files

408023671a9857e42aa0945b83c667ba2b4bd458c97d03be1220bb6b63d7aefcN.exe
.exe windows:4 windows x86 arch:x86

189ece517f5c2bf49b744da730a3a0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryW
GetProcAddress
CreateFiber
GetVersionExA
RaiseException
SetThreadContext
InterlockedExchange
lstrlenW
GetThreadLocale
GetACP
GetLocaleInfoA
lstrlenA
EnumResourceNamesA
InitializeCriticalSection
FreeLibrary
DeleteCriticalSection
WideCharToMultiByte
SetThreadPriority
MultiByteToWideChar
lstrcmpiA
GetVersion
GetLastError

user32

CreateDialogParamA
PostThreadMessageA
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
ShowWindow
GetQueueStatus
ReleaseDC
RealGetWindowClassW
RegisterWindowMessageA
DestroyWindow
wsprintfA
GetDesktopWindow
GetDC
wvsprintfA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

189ece517f5c2bf49b744da730a3a0d6

Headers

File Characteristics

Imports

kernel32

user32

wininet

advapi32

setupapi

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 224KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 224KB