8860a9bed353619eaf28f28eea95f3cfdefbb6eb25f2a557966703cf74678de7N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8860a9bed353619eaf28f28eea95f3cfdefbb6eb25f2a557966703cf74678de7N.exe
Size

672KB
MD5

727235afc25234c92c82e99c05a9f0c8
SHA1

a200141f482b8d470e0a3c1a7638a74df9987920
SHA256

732f00a1a664ca6b7a3b19a4f533a32719c7f1d688e3175e6e5118e7cd829693
SHA512

94eda3f5ad431382d51d98af49bb8672d79d7996b6beeb2e9ab7e036b6784a513ca1ebb2b3db35cb591ffd7a667c9605cb0948996bba30253f597955ad377db9
SSDEEP

12288:97EFH9MS0eApw2fmB1zNDLRfm4yVjg6AI18R5kQSuOscoujeNR:97EIeewHNIAIiRmQ9ujeNR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8860a9bed353619eaf28f28eea95f3cfdefbb6eb25f2a557966703cf74678de7N.exe

Files

8860a9bed353619eaf28f28eea95f3cfdefbb6eb25f2a557966703cf74678de7N.exe
.dll windows:4 windows x86 arch:x86

314d67ddb90927de913d652fdcb7d72c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetStringTypeW
GetOEMCP
SetEndOfFile
GetLocaleInfoW
Sleep
GetSystemInfo
GetSystemDirectoryA
GetTempPathA
VirtualProtectEx
GetFileAttributesA
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetStringTypeA
GetACP
CreateProcessA
CreateFileA
GetLocalTime
GetProcessHeap
LoadLibraryA
WaitForSingleObject
IsValidCodePage
DeviceIoControl
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetLastError
CloseHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
IsValidLocale

user32

GetDlgItemInt
GetScrollRange
SetCursor
InsertMenuItemA
SetDlgItemInt
LoadIconA
GetMessageA
CloseClipboard
EndDialog
OffsetRect

gdi32

SelectClipRgn
CreateRectRgn
GetPixel
PtVisible
CreateFontA
CreateCompatibleDC

ole32

CoTaskMemFree
CoUninitialize
CoRegisterClassObject
CoRegisterSurrogate
CoInitialize
CoTaskMemAlloc

advapi32

InitializeSecurityDescriptor
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueW
GetTokenInformation
DeleteService
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
OpenProcessToken
StartServiceCtrlDispatcherA
QueryServiceStatus
RegEnumKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetEntriesInAclA
SetSecurityDescriptorDacl
SetServiceStatus
CreateServiceA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
GetFileTitleA
ChooseColorA

comctl32

ord6
CreateToolbarEx
ImageList_Add
DestroyPropertySheetPage
ImageList_SetOverlayImage
PropertySheetA
ord17

Exports

Exports

Enginemoment

Sections

.text
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

314d67ddb90927de913d652fdcb7d72c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

advapi32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 440KB - Virtual size: 437KB

.data Size: 188KB - Virtual size: 9.2MB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 440KB - Virtual size: 437KB

.data
Size: 188KB - Virtual size: 9.2MB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 36KB - Virtual size: 35KB