7de411c14bb32d2adf84a59c1209398d0c0d795bf8fb03c9a1a9296728e857c3N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7de411c14bb32d2adf84a59c1209398d0c0d795bf8fb03c9a1a9296728e857c3N.exe
Size

219KB
MD5

ee4a448f62e3b4eb539470bb8db30f80
SHA1

0aa144eef458bd43c967732f8f67dc73385738e9
SHA256

7de411c14bb32d2adf84a59c1209398d0c0d795bf8fb03c9a1a9296728e857c3
SHA512

70454b2bde222391a2c5a72ac1071091b44f97135dc62cd873e06652f225b42df083fe1dc8586b0d391706239dff58156464d3977b798e20178f07959e51931c
SSDEEP

6144:7Vg4wCzG055qfOnOZOwoYEPemMfNLpe3k3sbag:OUG05sOn+Ow3uDMJY32ca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7de411c14bb32d2adf84a59c1209398d0c0d795bf8fb03c9a1a9296728e857c3N.exe

Files

7de411c14bb32d2adf84a59c1209398d0c0d795bf8fb03c9a1a9296728e857c3N.exe
.dll windows:5 windows x86 arch:x86

69e5c435561941900b308f519cee7b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

S:\UlsshbQ\yiQgqav\xlXtu.pdb

Imports

shlwapi

PathFindExtensionA

gdi32

CreatePen
GetCurrentObject
CreateFontW
GetClipBox
Polyline

comctl32

ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_LoadImageW
DestroyPropertySheetPage

kernel32

EnumResourceTypesA
GetCurrentProcess
GetCurrentProcessId
TlsFree
CancelWaitableTimer
IsBadReadPtr
LoadLibraryA
GetComputerNameA
lstrcatA

user32

DrawStateA
DialogBoxParamW
IsCharLowerW
IsWindowUnicode
GetPropW
SetRectEmpty
DeleteMenu
FillRect
DrawCaption
GetUserObjectInformationW
CreateWindowExW
ShowScrollBar

Exports

Exports

?JMKHZAGT_QQ_FBnm@@YGXD@Z
?HQQ_kd_FOB@@YGPADPAND@Z
?TRXTQopunWBglwV_E_Vz@@YGHPAKPAD@Z
?eqcqoI_PI_ULYSQ_HWTYfs@@YGXG@Z
?OPJ___VS_fqLRYVCGX@@YGPAKPAG@Z

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 76KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69e5c435561941900b308f519cee7b76

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

comctl32

kernel32

user32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 512B - Virtual size: 187B

.data Size: 2KB - Virtual size: 2KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 76KB - Virtual size: 240KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 512B - Virtual size: 187B

.data
Size: 2KB - Virtual size: 2KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 76KB - Virtual size: 240KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB