f355a15832664c6936c094fe14285c53cae5cbdfe7c28042fb332dfc9f080063N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

f355a15832664c6936c094fe14285c53cae5cbdfe7c28042fb332dfc9f080063N.exe
Size

385KB
MD5

bc95da27d66bd5a623be7574fd6ddc40
SHA1

4c5a44f5c33e1d3f9b5518ea1dc07ae3118b1555
SHA256

f355a15832664c6936c094fe14285c53cae5cbdfe7c28042fb332dfc9f080063
SHA512

899096310c749e8ce2c52534dc6e98b1f3fc5784cfb24d452b6f6178d9704a5801e09559e4a4ff32a478f4454d47b289485103a51e1fb47553d29045d4b67c51
SSDEEP

6144:T1/hg3rmC3NEt5/cUe9FUFX5Yjjpn+uIGRzDPdfwJJEN:43rmC3NE//cUe9Fwi7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f355a15832664c6936c094fe14285c53cae5cbdfe7c28042fb332dfc9f080063N.exe

Files

f355a15832664c6936c094fe14285c53cae5cbdfe7c28042fb332dfc9f080063N.exe
.exe windows:5 windows x86 arch:x86

87ac2910ac7213a6158875085b2e1bd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapReAlloc
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
CreateFileW
CloseHandle
FlushFileBuffers
GetModuleFileNameW
ExitProcess
GetModuleFileNameA
GetModuleHandleA
LockResource
SetLastError
GetLastError
HeapCreate
SizeofResource
GetVolumeInformationA
GetCurrentThreadId
InterlockedIncrement
TlsFree
GetStdHandle
WriteFile
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
TlsSetValue
EncodePointer
IsBadReadPtr
GetCurrentProcess
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
HeapAlloc
LoadResource
FindResourceA
LoadLibraryW
SetHandleCount
GetEnvironmentStringsW
MultiByteToWideChar
WideCharToMultiByte
LocalFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
RtlUnwind
FreeEnvironmentStringsW

user32

MoveWindow
SetDlgItemTextA
GetDlgItemTextA
LoadCursorA
EndPaint
DestroyWindow
CloseClipboard
GetWindowRect
PostQuitMessage
CopyImage
GetFocus
LoadBitmapA
IsClipboardFormatAvailable
LoadIconA
wsprintfA
GetClientRect
SetFocus
SendMessageA
RegisterWindowMessageA
BeginPaint
GetDC
MessageBoxA
CreateWindowExA
ReleaseDC
EnableMenuItem
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
GetSysColor
CreateDialogParamW
ShowScrollBar
OpenClipboard
SetWindowTextA
SetClipboardData

gdi32

MoveToEx
PatBlt
LineTo
SetTextColor
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreatePen
GetStockObject
CreateSolidBrush
EnumFontsA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

OpenProcessToken
GetSecurityDescriptorControl
InitializeSecurityDescriptor
InitializeAcl
AllocateAndInitializeSid
IsValidSecurityDescriptor

ole32

CoInitialize
CoCreateInstance

oleaut32

SafeArrayGetUBound
SysFreeString
VariantChangeType
SafeArrayGetDim
VariantInit
VariantCopy
VariantClear
SafeArrayGetLBound
SysAllocString

userenv

CreateEnvironmentBlock

avicap32

capCreateCaptureWindowA

iphlpapi

IcmpCloseHandle
IcmpCreateFile

shlwapi

PathFindFileNameA
PathAppendA
PathRemoveFileSpecA
PathFileExistsA

comctl32

ImageList_Create
ord17

activeds

ord3

rpcrt4

UuidCreateSequential

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ac2910ac7213a6158875085b2e1bd8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

userenv

avicap32

iphlpapi

shlwapi

comctl32

activeds

rpcrt4

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 120KB - Virtual size: 120KB