687dc051e2ad960e082f45be2dba03665ad9dd5dd4c692bcebc302629970d8b9[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

687dc051e2ad960e082f45be2dba03665ad9dd5dd4c692bcebc302629970d8b9.exe
Size

500KB
MD5

3c634914aa7e71e9aa64ef7b80046162
SHA1

9ee4437b7b48de4009e49e1dfcab6c9e1c72005f
SHA256

687dc051e2ad960e082f45be2dba03665ad9dd5dd4c692bcebc302629970d8b9
SHA512

7fc614efff737a6fbf91a369e30069f731de2030da6642f7e0195a6415820ed63d149309c9b59018d75073e9935059ce64db5ab5c6d93d75140ed026e9fb63f9
SSDEEP

6144:V2N8aCbpt5e3JVAfqX+2Rr+nxQDBO03fHEe+:w87z5mvAfLfaEB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
687dc051e2ad960e082f45be2dba03665ad9dd5dd4c692bcebc302629970d8b9.exe

Files

687dc051e2ad960e082f45be2dba03665ad9dd5dd4c692bcebc302629970d8b9.exe
.dll windows:4 windows x86 arch:x86

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetUserDefaultUILanguage

ole32

OleInitialize
OleUninitialize
IsValidIid
CreateOleAdviseHolder
CoGetTreatAsClass
StgOpenStorage
OleCreateLink
StgIsStorageFile

version

GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW

user32

VRipOutput
SwitchToThisWindow
wsprintfW
DdeNameService
FlashWindow
OpenWindowStationA
DialogBoxParamW

shell32

SHEnumerateUnreadMailAccountsW
ExtractAssociatedIconW
SHParseDisplayName
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHSetUnreadMailCountW

winspool.drv

StartDocDlgW
EnumPrintProcessorsW
SetPrinterA
DeletePrinterConnectionA
DocumentPropertiesA
FindClosePrinterChangeNotification
DevicePropertySheets
SetPrinterDataExA
SetJobA

comctl32

ImageList_BeginDrag
DSA_Create
FlatSB_SetScrollRange
CreateStatusWindowW
ImageList_Merge
ImageList_GetIcon
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_SetFilter
FlatSB_GetScrollRange
ImageList_GetBkColor

msimg32

DllInitialize
GradientFill
vSetDdrawflag
TransparentBlt
AlphaBlend

shlwapi

IntlStrEqWorkerW
PathFindNextComponentW
SHOpenRegStreamA
UrlHashA
PathStripPathW
SHAutoComplete
SHSetThreadRef
PathAppendW

winmm

joyGetNumDevs
waveOutUnprepareHeader
mciGetDeviceIDFromElementIDW
midiOutSetVolume
mciDriverNotify
mciGetErrorStringA
joyGetPos
mixerClose
mciGetDriverData
waveInGetID
mmioRenameA
midiStreamPause
aux32Message

gdiplus

GdipGetGenericFontFamilyMonospace
GdipDisposeImage
GdipGetPathWorldBounds
GdipDrawPath
GdipSetImageAttributesOutputChannel
GdipClosePathFigure

comdlg32

PrintDlgA
FindTextW
ReplaceTextW
FindTextA
LoadAlterBitmap
PrintDlgExW
GetFileTitleA
ChooseFontW

Exports

Exports

CreatePaint

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xbsl
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vgic
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

Imports

kernel32

ole32

version

user32

shell32

winspool.drv

comctl32

msimg32

shlwapi

winmm

gdiplus

comdlg32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 112B

.data Size: 2KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.xbsl Size: 296KB - Virtual size: 296KB

.vgic Size: 8KB - Virtual size: 8KB

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 112B

.data
Size: 2KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.xbsl
Size: 296KB - Virtual size: 296KB

.vgic
Size: 8KB - Virtual size: 8KB