41fd6ffbe53c51610985c9850dcf63230ca5f4e7ebd6ad6c4b3ae4bfd16f6498N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

41fd6ffbe53c51610985c9850dcf63230ca5f4e7ebd6ad6c4b3ae4bfd16f6498N.exe
Size

101KB
MD5

cf4a8bf7f1f809cb26ebc3bbe6c60780
SHA1

40e20dce0fbfc4f5b52f61dd44c385d43ee3db1c
SHA256

41fd6ffbe53c51610985c9850dcf63230ca5f4e7ebd6ad6c4b3ae4bfd16f6498
SHA512

6cd472da96508e2390c44987a80e5f09de1f648b31059dc3da7168da48dc161918e2b2b2a5c518f9b3365ac932fd822ed9cafdc20a9aa1fdcd3ab211b0dc71c1
SSDEEP

1536:C5f1opAvOle4SrlItkMVU9IH0+SIiSdF2drleCuTJgaK:CZ1oGvL4wItPU9IH09IL2dYCuFga

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41fd6ffbe53c51610985c9850dcf63230ca5f4e7ebd6ad6c4b3ae4bfd16f6498N.exe

Files

41fd6ffbe53c51610985c9850dcf63230ca5f4e7ebd6ad6c4b3ae4bfd16f6498N.exe
.exe windows:5 windows x86 arch:x86

cc1af6a7c784eaa9c6e28cd578b769ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAFindCertTypeByName
CASetCertTypeFlags
CAEnumNextCertType
CAUpdateCA
CAGetCAProperty
CAGetCertTypeExtensions
CACloseCertType
CASetCertTypeKeySpec
CAEnumCertTypes
CAFreeCertTypeExtensions
CACertTypeSetSecurity
CAAddCACertificateType
CAGetCertTypeProperty
CASetCertTypeProperty
CASetCertTypeExtension
CARemoveCACertificateType
CAFreeCAProperty
CAEnumCertTypesForCA
CAUpdateCertType
CACertTypeGetSecurity
CAFreeCertTypeProperty
CAFindByName
CAGetCertTypeFlags
CACreateCertType
CACloseCA
CAGetCertTypePropertyEx
CAGetCertTypeKeySpec

kernel32

GetModuleFileNameW
SetLastError
GetSystemWindowsDirectoryW
LocalFree
QueryPerformanceCounter
GlobalUnlock
InterlockedIncrement
GetTickCount
LoadLibraryW
InterlockedDecrement
DeleteCriticalSection
GetACP
GetComputerNameW
lstrcpyW
OutputDebugStringW
GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
GlobalFree
FileTimeToLocalFileTime
CloseHandle
GlobalAlloc
OutputDebugStringA
GetSystemTimeAsFileTime
lstrlenW
IsBadReadPtr
GetSystemDefaultLangID
InitializeCriticalSection
FormatMessageW
lstrcmpiW
SetUnhandledExceptionFilter
GetLastError
LocalReAlloc
GetEnvironmentStringsW
CreateFileW
RemoveDirectoryA
GlobalLock
GetDateFormatW
FileTimeToSystemTime
GetCurrentProcess

msvcrt

?terminate@@YAXXZ
__dllonexit
_adjust_fdiv
wcscmp
wcslen
??1type_info@@UAE@XZ
wcscpy
_except_handler3
_onexit
wcsrchr
_initterm
wcsstr
__RTDynamicCast
wcstoul
_wcsicmp
vswprintf
??2@YAPAXI@Z
_purecall
wcscat
free
mbstowcs
wcschr
_wcsupr
malloc
memmove
??3@YAXPAX@Z

user32

EnableWindow
WinHelpW
GetDlgItem
SendDlgItemMessageW
GetParent
ReleaseDC
LoadImageW
LoadBitmapW
LoadIconW
InsertMenuItemW
LoadCursorW
SetWindowTextW
DialogBoxParamW
SetFocus
SendMessageW
EndDialog
SetWindowLongW
MessageBoxW
SetCursor
wsprintfW
SetDlgItemTextW
GetWindowLongW
RegisterClipboardFormatW
LoadStringW
PostMessageW
GetDlgItemTextA
GetDC
SystemParametersInfoW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc1af6a7c784eaa9c6e28cd578b769ad

Headers

File Characteristics

Imports

certcli

kernel32

msvcrt

user32

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 120KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 120KB

.rsrc
Size: 23KB - Virtual size: 22KB