76c7ac6e39553fe1143d39d648b1ac4f9783805e59ade5c0e2ca155af3905d72N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

76c7ac6e39553fe1143d39d648b1ac4f9783805e59ade5c0e2ca155af3905d72N.exe
Size

179KB
MD5

c798c1b9cba4ffcd33671c47941ea9f0
SHA1

82c5fe85508987cfd549bbc668c51a0c9ddd829c
SHA256

76c7ac6e39553fe1143d39d648b1ac4f9783805e59ade5c0e2ca155af3905d72
SHA512

3deb22f84c56c1200c76e0fe94adc609ae1d8c2912b0e0971a57cad02beba87cc2ed1ba2be2afcffc5e4c043ea08be7dae70b958f811ba22f9f12fa198f11fe6
SSDEEP

3072:L8svOQUkW/hGG03dj2bLYZurqqMR96F0AXNErDCHC1u815Se6gFprk:L/vOQfSGG0xeYZufMR9ATNEb1l5Syr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76c7ac6e39553fe1143d39d648b1ac4f9783805e59ade5c0e2ca155af3905d72N.exe

Files

76c7ac6e39553fe1143d39d648b1ac4f9783805e59ade5c0e2ca155af3905d72N.exe
.exe windows:4 windows x86 arch:x86

b20e24b4c945a7f8c29fa1fa0436fae4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

HeapFree
CompareStringA
LCMapStringA
GetConsoleOutputCP
CompareStringW
WriteFile
HeapSize
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
VirtualFree
SetStdHandle
RaiseException
TerminateProcess
IsDebuggerPresent
GetStringTypeW
LCMapStringW
ReadFile
GetSystemTimeAsFileTime
GetDateFormatA
SetFilePointer
GetCurrentProcessId
RtlUnwind
EnumResourceTypesA
QueryPerformanceCounter
GetACP
VirtualAlloc
WriteConsoleA
MultiByteToWideChar
HeapDestroy
LoadLibraryA
CreateNamedPipeW
UnhandledExceptionFilter
HeapCreate
GetTimeZoneInformation
IsValidCodePage
GetTimeFormatA
GetOEMCP
InitializeCriticalSection
HeapReAlloc
SetEnvironmentVariableA
SetEndOfFile
GetLocaleInfoA
GetCPInfo
GetTickCount
SetUnhandledExceptionFilter
FreeLibrary
GetStringTypeA

advapi32

LookupPrivilegeDisplayNameA
FreeInheritedFromArray
SetEntriesInAclW
LookupAccountSidW
EqualSid
SetSecurityInfo
OpenSCManagerW
GetAce
LookupPrivilegeValueA
GetInheritanceSourceW
SetEntriesInAclA
RegDeleteKeyW
QueryServiceStatus
RegRestoreKeyW
ChangeServiceConfig2W
CloseServiceHandle
LockServiceDatabase
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
GetNamedSecurityInfoW
GetSecurityInfo
LookupPrivilegeNameA
CreateServiceW
OpenProcessToken
AllocateAndInitializeSid
RegOpenKeyExW
EnumDependentServicesW
ChangeServiceConfigW
StartServiceA
IsValidSecurityDescriptor
QueryServiceLockStatusW
InitializeSecurityDescriptor
AddAce
IsValidAcl
SetNamedSecurityInfoW
RegCreateKeyExW
FreeSid
GetSecurityDescriptorControl
GetTokenInformation
RegDeleteValueW
DeleteService
OpenServiceW
RegGetKeySecurity
SetSecurityDescriptorDacl
RegSetValueExW
UnlockServiceDatabase
ControlService
AdjustTokenPrivileges
InitializeAcl
GetAclInformation
QueryServiceConfigW
RegSaveKeyW
RegEnumValueW

oleacc

LresultFromObject
AccessibleObjectFromPoint

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b20e24b4c945a7f8c29fa1fa0436fae4

Headers

File Characteristics

Imports

mprapi

newdev

shell32

kernel32

advapi32

oleacc

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 512B - Virtual size: 4KB