9fef54dc593e1862ce1dd208831e20bc72dcb54d71aa8cc93d9557c02a4d4350N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9fef54dc593e1862ce1dd208831e20bc72dcb54d71aa8cc93d9557c02a4d4350N.exe
Size

100KB
MD5

9e21788877cf78df2cca7cb328378720
SHA1

36103523c7b4f24333b4d9d706b632070c81a0b1
SHA256

9fef54dc593e1862ce1dd208831e20bc72dcb54d71aa8cc93d9557c02a4d4350
SHA512

3d69b83edc61a63886cf1152d7a81700726cb16214b8e7a9b39d889cc0643d440a19fbdf20d24606d179a9e4a280a436f94f198f8113644f8bb6edbf5e77d4da
SSDEEP

1536:/bKnjgCfW76P5lnie/2IPRP/JbvUMydpQmCQ30Dq3bAYHAE/2WKi+xyTXU:zKnjIinz/ntpBgQRAmq3bAK+WKi+xEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fef54dc593e1862ce1dd208831e20bc72dcb54d71aa8cc93d9557c02a4d4350N.exe

Files

9fef54dc593e1862ce1dd208831e20bc72dcb54d71aa8cc93d9557c02a4d4350N.exe
.exe windows:5 windows x86 arch:x86

2b33387207e636ece477ad93d1f97f2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadBitmapW
SystemParametersInfoW
MessageBoxW
SendDlgItemMessageW
LoadImageW
EnableWindow
WinHelpW
GetDC
LoadStringW
SetWindowLongW
DialogBoxParamW
LoadIconW
SetFocus
InsertMenuItemW
GetWindowLongW
SetCursor
GetDlgItemTextA
SetDlgItemTextW
SendMessageW
GetParent
SetWindowTextW
EndDialog
PostMessageW
GetDlgItem
ReleaseDC
RegisterClipboardFormatW
LoadCursorW
wsprintfW

kernel32

InterlockedIncrement
OutputDebugStringA
lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcess
FileTimeToLocalFileTime
DeleteCriticalSection
LoadLibraryW
IsBadReadPtr
SetUnhandledExceptionFilter
GetSystemWindowsDirectoryW
GetComputerNameW
GetLastError
QueryPerformanceCounter
GetDateFormatW
GetModuleFileNameW
CloseHandle
OutputDebugStringW
LocalReAlloc
LocalFree
lstrcpyW
GetCPInfo
GetSystemDefaultLangID
GetEnvironmentStringsW
GetTickCount
InterlockedDecrement
RemoveDirectoryA
GetProcAddress
CreateFileW
GlobalFree
FormatMessageW
lstrcmpiW
GlobalAlloc
WideCharToMultiByte
InitializeCriticalSection
GlobalUnlock
GetModuleHandleA
GlobalLock
SetLastError
GetStartupInfoA
FileTimeToSystemTime

certcli

CACertTypeSetSecurity
CAFreeCertTypeExtensions
CACreateCertType
CAEnumCertTypes
CASetCertTypeKeySpec
CAFindCertTypeByName
CACertTypeGetSecurity
CAGetCertTypeFlags
CARemoveCACertificateType
CACloseCertType
CASetCertTypeExtension
CAEnumNextCertType
CAAddCACertificateType
CAEnumCertTypesForCA
CAGetCAProperty
CAFreeCertTypeProperty
CAGetCertTypeKeySpec
CAUpdateCA
CASetCertTypeProperty
CAFindByName
CAFreeCAProperty
CAUpdateCertType
CASetCertTypeFlags
CAGetCertTypeProperty
CAGetCertTypeExtensions
CAGetCertTypePropertyEx
CACloseCA

msvcrt

??3@YAXPAX@Z
?terminate@@YAXXZ
_wcsupr
malloc
wcsstr
__RTDynamicCast
wcsrchr
??1type_info@@UAE@XZ
wcscpy
wcscmp
wcscat
memmove
wcschr
free
_adjust_fdiv
mbstowcs
wcslen
_wcsicmp
__dllonexit
_except_handler3
_initterm
wcstoul
??2@YAPAXI@Z
_onexit
vswprintf

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegSetValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b33387207e636ece477ad93d1f97f2d

Headers

File Characteristics

Imports

user32

kernel32

certcli

msvcrt

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 88KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 88KB

.rsrc
Size: 23KB - Virtual size: 22KB