a53ec090d41e2ce3181401cbf815302c07848f7cda7ed4a31eb64ce159137940[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a53ec090d41e2ce3181401cbf815302c07848f7cda7ed4a31eb64ce159137940.exe
Size

168KB
MD5

354b0acf19b469bf28fb6ed0d67943a4
SHA1

342c4c422fe7105b0881b56f98b3d5c11d716009
SHA256

a53ec090d41e2ce3181401cbf815302c07848f7cda7ed4a31eb64ce159137940
SHA512

a37747a97ac8b015452b7e0e328854b43e1767116b344848705f1f60a67c1d8ab92b887836b74f814e81eb50ddc91b5c4777ac4b871dda79eb7d1b4a1c184ed3
SSDEEP

3072:R+//K1KJAR6KtqDSB8NojBOryOIy4IwiyO+//K1KJR3lW:GKkmVtqWB8NojgrvIy4RiypKkflW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a53ec090d41e2ce3181401cbf815302c07848f7cda7ed4a31eb64ce159137940.exe

Files

a53ec090d41e2ce3181401cbf815302c07848f7cda7ed4a31eb64ce159137940.exe
.exe windows:4 windows x86 arch:x86

4e8b54190cc0243720a8a33003af8cf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceConfigA
GetExplicitEntriesFromAclW
OpenProcessToken
GetAuditedPermissionsFromAclA
ObjectDeleteAuditAlarmW
IsValidSid
GetKernelObjectSecurity
RegDeleteKeyA
GetTokenInformation
RegSetValueExW
CloseEventLog
ChangeServiceConfig2W
SetEntriesInAclW
OpenEventLogA
LogonUserA
GetUserNameA
LsaSetInformationPolicy
SetServiceStatus
BackupEventLogA
BuildExplicitAccessWithNameW
RegQueryMultipleValuesA
LsaAddAccountRights
MakeAbsoluteSD
MakeSelfRelativeSD
AllocateAndInitializeSid
LookupAccountNameW
ReportEventW
GetSecurityDescriptorSacl
AccessCheckAndAuditAlarmA
SetServiceObjectSecurity
GetTrusteeNameW
ImpersonateSelf
OpenServiceA
RegFlushKey
GetServiceKeyNameA
LsaDeleteTrustedDomain
ChangeServiceConfig2A

clusapi

SetClusterName
CloseCluster
ClusterGroupControl
OpenCluster
ClusterNetworkEnum
GetClusterNodeKey
ClusterNodeControl
CloseClusterNode

gdi32

CreatePatternBrush
GetFontLanguageInfo

user32

GetDC
CreateDialogParamA
GetClipboardViewer
CountClipboardFormats
GetWindowTextA
UnregisterHotKey
DrawCaption
DrawAnimatedRects
GetDialogBaseUnits

oleaut32

SafeArrayUnlock
SafeArrayUnaccessData
VarDateFromI2
QueryPathOfRegTypeLi
VarR4FromStr
VarCyFromUI2
LoadTypeLibEx
BstrFromVector

resutils

ResUtilGetProperty
ResUtilEnumPrivateProperties
ResUtilGetPrivateProperties
ResUtilFreeParameterBlock
ResUtilVerifyService
ResUtilSetSzValue
ResUtilVerifyPropertyTable
ResUtilResourcesEqual
ResUtilGetMultiSzProperty
ResUtilSetPropertyTable
ResUtilGetBinaryValue
ResUtilEnumResources
ResUtilPropertyListFromParameterBlock
ResUtilGetSzProperty
ResUtilStopService
ResUtilVerifyResourceService

setupapi

SetupDiDeleteDevRegKey
SetupInstallFromInfSectionW
SetupQueueCopySectionW
SetupDiCancelDriverInfoSearch
SetupPromptForDiskA
SetupRemoveInstallSectionFromDiskSpaceListW
SetupInstallServicesFromInfSectionW
SetupDiGetHwProfileFriendlyNameExA
SetupRemoveFileLogEntryW
SetupGetLineByIndexA
SetupDiGetDriverInstallParamsA
SetupDiClassGuidsFromNameA
SetupTermDefaultQueueCallback
SetupDiGetClassDevPropertySheetsW
SetupLogErrorA
SetupAddToSourceListW
SetupDiGetHwProfileListExA
SetupLogErrorW
SetupDiInstallDriverFiles
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInterfaceDetailA
SetupQueueDeleteW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetSelectedDriverA
SetupAdjustDiskSpaceListA
SetupDiLoadClassIcon
SetupCommitFileQueueA
SetupGetMultiSzFieldA
SetupCopyErrorA
SetupDiOpenDeviceInfoA
SetupDiGetActualSectionToInstallW
SetupDiEnumDeviceInfo
SetupGetInfInformationW
SetupDiChangeState
SetupOpenFileQueue
SetupDiCallClassInstaller
SetupInstallFromInfSectionA
SetupQueueRenameA
SetupScanFileQueueA
SetupDiGetClassInstallParamsA
SetupOpenAppendInfFileW
SetupGetFileCompressionInfoW
SetupDiGetClassImageListExW
SetupQueueDeleteSectionA
SetupLogFileW
SetupDiSetDeviceInstallParamsA
SetupDiGetDeviceInstallParamsW
SetupGetInfFileListA
SetupSetSourceListA
SetupCreateDiskSpaceListA
SetupGetLineCountA
SetupDiOpenDeviceInterfaceW
SetupPromptReboot
SetupQueryDrivesInDiskSpaceListW
SetupQueueDeleteA
SetupDiGetDeviceInterfaceAlias
SetupSetDirectoryIdW
SetupDiSelectBestCompatDrv
SetupDiRemoveDevice
SetupDiUnremoveDevice
SetupInstallFileExW
SetupDiSelectOEMDrv
SetupDefaultQueueCallbackA
SetupDiGetClassImageListExA
SetupDecompressOrCopyFileA
SetupDiCreateDevRegKeyA
SetupDiGetSelectedDevice
SetupGetSourceFileLocationA

comctl32

DrawStatusTextW
ImageList_GetDragImage
ord16
FlatSB_GetScrollProp
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragLeave
ImageList_Destroy
FlatSB_GetScrollRange
ImageList_SetOverlayImage
ImageList_Create

imm32

ImmGetIMEFileNameA

wininet

GopherFindFirstFileW
GopherGetAttributeA
HttpAddRequestHeadersW
InternetTimeToSystemTime
InternetGetConnectedState
InternetGetCookieA
InternetGetLastResponseInfoW
FtpRenameFileW
FtpRenameFileA
SetUrlCacheEntryInfoW
HttpEndRequestA
GopherOpenFileA
InternetCloseHandle
RetrieveUrlCacheEntryStreamA
InternetCheckConnectionA
FindFirstUrlCacheEntryA
GetUrlCacheEntryInfoExA
CommitUrlCacheEntryW
InternetQueryOptionA
InternetLockRequestFile
CommitUrlCacheEntryA
FtpFindFirstFileA
HttpOpenRequestA
CreateUrlCacheEntryW
InternetFindNextFileA
InternetWriteFile
RetrieveUrlCacheEntryFileA
InternetCrackUrlA
FindFirstUrlCacheEntryExW

shell32

SHBrowseForFolderA

urlmon

CoInternetCompareUrl
HlinkGoForward
CoInternetGetProtocolFlags
SetSoftwareUpdateAdvertisementState
CreateURLMoniker
URLOpenPullStreamW
FindMediaType
URLDownloadToCacheFileW

ole32

CoDisconnectObject
CoRevokeMallocSpy
CoCreateGuid
CoLockObjectExternal
OleQueryCreateFromData
OleMetafilePictFromIconAndLabel
StgOpenStorage
CoMarshalInterface
CoFreeAllLibraries

msvcrt

_controlfp
__set_app_type
__p__fmode
exit
_XcptFilter
_exit
__getmainargs
_adjust_fdiv
__setusermatherr
_acmdln
_initterm
__p__commode
_except_handler3

winmm

mciGetErrorStringA
timeBeginPeriod
waveInGetDevCapsA
mixerMessage

rasapi32

RasGetConnectStatusA
RasGetEntryDialParamsW

kernel32

GetConsoleOutputCP
GetStartupInfoA
GetCPInfo
GetModuleHandleA

comdlg32

FindTextA
PrintDlgA
ChooseFontA

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdataw�
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e8b54190cc0243720a8a33003af8cf5

Headers

File Characteristics

Imports

advapi32

clusapi

gdi32

user32

oleaut32

resutils

setupapi

comctl32

imm32

wininet

shell32

urlmon

ole32

msvcrt

winmm

rasapi32

kernel32

comdlg32

Sections

.text Size: 96KB - Virtual size: 92KB

.rdataw� Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 113KB

.rsrc Size: 4KB - Virtual size: 968B

.text
Size: 96KB - Virtual size: 92KB

.rdataw�
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 113KB

.rsrc
Size: 4KB - Virtual size: 968B