0622ea76d4ec7989443630c6ea1c60c2236dab91f0e213e779524984cf16a4e8N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0622ea76d4ec7989443630c6ea1c60c2236dab91f0e213e779524984cf16a4e8N.exe
Size

134KB
MD5

9a437de4ef00f395670628e3baa9df50
SHA1

0f7be408136c02ab30e65f20a86f817543d14f97
SHA256

0622ea76d4ec7989443630c6ea1c60c2236dab91f0e213e779524984cf16a4e8
SHA512

db4f619de8b6990a60a9db8dd9c74aed2a01bf0be79d6ae0d62ae4c24df0bcae31f3b8dd681a141ff12ab1d0bd70f5328989103920486e91855a692d3afc5336
SSDEEP

3072:iR/yGECL2aZwHj2saYDZSpiXL/0swl8scsNLPlVGdQIb3:e/cCL2aZwHXVDZxXL/4l5c8Ryb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0622ea76d4ec7989443630c6ea1c60c2236dab91f0e213e779524984cf16a4e8N.exe

Files

0622ea76d4ec7989443630c6ea1c60c2236dab91f0e213e779524984cf16a4e8N.exe
.exe windows:4 windows x86 arch:x86

aeca4c08a929d5bb920f4add5902d68b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GrayStringW
GetClassInfoExW
PtInRect
GetClassInfoW
SetWindowPos
UnhookWindowsHookEx
ReleaseDC
GetTopWindow
CallWindowProcW
GetSystemMetrics
GetParent
SetPropW
DestroyWindow
GetSubMenu
LoadBitmapW
PeekMessageW
EnableMenuItem
GetMessageTime
GetMenuItemID
GetWindowRect
DrawTextW
ValidateRect
IsIconic
DestroyMenu
GetMenuItemCount
RemovePropW
GetCapture
GetMenuState
MessageBoxW
GetWindow
LoadCursorW
GetWindowTextW
GetDlgCtrlID
MapWindowPoints
DefWindowProcW
GetSysColorBrush
SetWindowLongW
GetWindowLongW
RegisterClassW
AdjustWindowRectEx
GetPropW
GetWindowPlacement
GetSysColor
EnableWindow
GetMessagePos
SendMessageW
GetKeyState
GetLastActivePopup
GetMenu
GetClassLongW
SetForegroundWindow
PostMessageW
IsWindowEnabled
TabbedTextOutW
CreateWindowExW
GetClassNameW
SetWindowTextW
WinHelpW
CheckMenuItem
DispatchMessageW
GetForegroundWindow
SystemParametersInfoA
GetDlgItem
SetMenuItemBitmaps
GetDC
DrawTextExW
GetClientRect
ClientToScreen
ModifyMenuW
CallNextHookEx
CopyRect
GetMenuCheckMarkDimensions
LoadIconW
GetFocus
UnregisterClassW
PostQuitMessage
SetWindowsHookExW
RegisterWindowMessageW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

oleacc

CreateStdAccessibleObject
LresultFromObject

kernel32

QueryPerformanceCounter
GetCurrentThreadId
SetLastError
HeapFree
TlsGetValue
GlobalReAlloc
ExitProcess
HeapSize
GetSystemTimeAsFileTime
InterlockedExchange
FindResourceW
VirtualProtect
CopyFileA
GetModuleHandleW
InitializeCriticalSection
RtlUnwind
FormatMessageW
HeapReAlloc
GetModuleHandleA
InterlockedIncrement
GlobalAlloc
GetACP
TlsAlloc
ReadFile
MultiByteToWideChar
GetLocaleInfoA
FreeLibrary
DebugActiveProcess
MoveFileA
LocalReAlloc
CreateDirectoryW
LocalFree
TlsFree
VirtualAlloc
DeleteFileW
HeapCreate
GlobalUnlock
GlobalDeleteAtom
SetFileAttributesW
TerminateProcess
TlsSetValue
GlobalFree
SizeofResource
GetCurrentProcess
HeapAlloc
lstrcpynW
LocalAlloc
GlobalHandle
lstrcpyW
EnumResourceLanguagesA
FlushFileBuffers
VirtualQuery
LoadLibraryA
GlobalFindAtomW
GetVersionExW
HeapDestroy
GetVersion
WriteFile
GlobalLock
InterlockedDecrement
ExitProcess
CopyFileW
LeaveCriticalSection
RaiseException
GetLastError
CreateDirectoryA
SetFilePointer
lstrcatW
TlsGetValue
RemoveDirectoryW
GetTickCount
MoveFileW
LockResource
GetSystemInfo
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
GlobalAddAtomW
GetStartupInfoW
WideCharToMultiByte
LoadResource
SetFileAttributesA
GetCurrentProcessId
GetThreadLocale
GetProcAddress
GlobalFlags
lstrcmpW
RemoveDirectoryA

gdi32

ExtTextOutW
GetDeviceCaps
TextOutW
DeleteObject
RectVisible
SelectObject
ScaleViewportExtEx
CreateBitmap
ScaleWindowExtEx
DeleteDC
PtVisible
SaveDC
SetViewportOrgEx
GetStockObject
GetClipBox
SetWindowExtEx
SetBkColor
Escape
OffsetViewportOrgEx
SetMapMode
RestoreDC
SetTextColor
SetViewportExtEx

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

PathIsDirectoryA
PathFileExistsW
PathIsDirectoryEmptyA
PathFileExistsA
PathAppendA
PathRemoveFileSpecA
PathFindFileNameW
PathAddBackslashW
PathCanonicalizeA
PathFindExtensionW
PathCanonicalizeW
PathIsDirectoryW
PathRemoveBackslashW
PathAddExtensionW
PathAppendW
StrStrW
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrStrA
PathIsDirectoryEmptyW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeca4c08a929d5bb920f4add5902d68b

Headers

File Characteristics

Imports

user32

winspool.drv

oleacc

kernel32

gdi32

ole32

shlwapi

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 328KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 328KB