dc56303eaeb0f8c9e00bff033a5cf9e154cc9b04ad155731d65eab8f3dee7e33N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

dc56303eaeb0f8c9e00bff033a5cf9e154cc9b04ad155731d65eab8f3dee7e33N.exe
Size

1.4MB
MD5

71a4f24f6a85a19d3bce8062e2d67f50
SHA1

182cacf3cb760494b48b4301623260d70a50b570
SHA256

dc56303eaeb0f8c9e00bff033a5cf9e154cc9b04ad155731d65eab8f3dee7e33
SHA512

3a195e8b29ab3b9a51be79b5fe4ba451975b84aeaf9e0c96a485b7782383aff31363c83af822586f96d21ed178a73ad14058e103cfe2aeb760202923399b4abc
SSDEEP

24576:NjWvuK6VGQVOpu2LBOuJW125OLfjOVuOpwDLriIQUOcm8s:Nu6aHBhJW12szK07LWIQa3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc56303eaeb0f8c9e00bff033a5cf9e154cc9b04ad155731d65eab8f3dee7e33N.exe

Files

dc56303eaeb0f8c9e00bff033a5cf9e154cc9b04ad155731d65eab8f3dee7e33N.exe
.exe windows:4 windows x86 arch:x86

3dea59dd90718ec4ca596d47a61fdbb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetWindowsDirectoryA
VirtualFree
VirtualAlloc
GetDiskFreeSpaceA
FileTimeToSystemTime
SystemTimeToFileTime
GetTickCount
SetThreadAffinityMask
GetSystemInfo
GetSystemDefaultLangID
CreateDirectoryA
RemoveDirectoryA
ExitThread
MoveFileA
DeleteFileA
SetFileAttributesA
CreateThread
OpenMutexA
GetExitCodeProcess
CreateProcessA
GetExitCodeThread
GlobalMemoryStatus
CopyFileA
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReleaseMutex
GetLastError
CreateMutexA
SetWaitableTimer
CreateWaitableTimerA
lstrlenA
TerminateThread
lstrcpyA
GetCurrentDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadPriority
MulDiv
FreeLibrary
ReleaseSemaphore
CreateSemaphoreA
FindNextFileA
OpenProcess
SetStdHandle
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentThreadId
RaiseException
TlsSetValue
ResumeThread
RtlUnwind
WaitForMultipleObjects
FindClose
GetLocalTime
SetCurrentDirectoryA
GetLogicalDriveStringsA
FlushFileBuffers
FindFirstFileA
GetFileAttributesA
DeviceIoControl
SetErrorMode
GetVolumeInformationA
GetDriveTypeA
GetModuleFileNameA
GetDevicePowerState
GetSystemTime
MultiByteToWideChar
ResetEvent
WaitForSingleObjectEx
GetCurrentThread
InitializeCriticalSection
SetThreadIdealProcessor
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
WinExec
GetComputerNameA
GetVersionExA
SetFileTime
GetFileTime
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileA
CreateEventA
SetThreadPriority
WaitForSingleObject
CloseHandle
SetEvent
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

RegisterHotKey
RegisterWindowMessageA
GetQueueStatus
PostThreadMessageA
KillTimer
SetTimer
ReleaseDC
GetDC
UnregisterHotKey
GetForegroundWindow
CreateWindowExA
SendMessageA
ShowWindow
MoveWindow
GetWindowRect
SetWindowTextA
GetAsyncKeyState
SetCursor
GetSystemMenu
EnableMenuItem
SetActiveWindow
DefWindowProcA
PostMessageA
EndPaint
BeginPaint
RedrawWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsWindow
MessageBoxA
SetRect
CallWindowProcA
GetWindowTextLengthA
EndDialog
SetFocus
SetDlgItemTextA
SendDlgItemMessageA
SetWindowLongA
GetDlgItem
GetDlgItemTextA
DialogBoxParamA
GetWindowTextA
FillRect
InvalidateRect
SystemParametersInfoA
PostQuitMessage
GetWindowLongA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
GetMessageA
ShowCursor
SwapMouseButton
SetCursorPos
FindWindowA
BringWindowToTop
SetForegroundWindow
GetKeyboardState
IsIconic
CloseWindow
EnableWindow
IsDlgButtonChecked
WaitForInputIdle
EnumDisplayMonitors
GetCursorPos
LoadIconA
LoadCursorA
RegisterClassExA
GetWindowPlacement
GetWindowThreadProcessId
wsprintfA
DestroyWindow
UpdateWindow
GetSystemMetrics
GetClientRect
SetWindowPos

gdi32

SetBrushOrgEx
StretchDIBits
GetStockObject
CreatePalette
SetBkMode
SetStretchBltMode
SelectPalette
TextOutA
TextOutW
GetGlyphOutlineA
GetTextMetricsA
CreateCompatibleDC
CreateDIBSection
GetObjectA
GetOutlineTextMetricsA
SelectObject
DeleteObject
DeleteDC
EnumFontFamiliesExA
SelectClipRgn
CreateRectRgnIndirect
AddFontResourceA
AddFontMemResourceEx
RemoveFontMemResourceEx
RemoveFontResourceA
SetTextColor
CreateFontA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
RevertToSelf
OpenProcessToken
DuplicateTokenEx
ImpersonateLoggedOnUser
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

shell32

SHChangeNotify
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFolderPathA
SHBrowseForFolderA

ole32

CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoUninitialize
CoInitialize
OleDraw
CoTaskMemFree

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

winmm

timeBeginPeriod
timeGetDevCaps
PlaySoundA
mciSendCommandA
timeSetEvent
timeGetTime
timeKillEvent
timeEndPeriod

imm32

ImmGetDefaultIMEWnd

atl

ord41

wininet

InternetCloseHandle
InternetAttemptConnect
InternetOpenUrlA
InternetSetFilePointer
InternetReadFile
InternetQueryDataAvailable
InternetOpenA

gdiplus

GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImageWidth
GdiplusShutdown
GdipCreateBitmapFromFile
GdipAlloc
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipGetImageHeight
GdiplusStartup
GdipDisposeImage
GdipFree
GdipCloneImage
GdipCreateBitmapFromGdiDib

dsound

ord11

Exports

Exports

??4SThreadParam@@QAEAAU0@ABU0@@Z

Sections

.text
Size: 716KB - Virtual size: 713KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80KB - Virtual size: 922KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 632KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dea59dd90718ec4ca596d47a61fdbb2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

d3d9

dinput8

winmm

imm32

atl

wininet

gdiplus

dsound

Exports

Exports

Sections

.text Size: 716KB - Virtual size: 713KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 80KB - Virtual size: 922KB

.rsrc Size: 632KB - Virtual size: 632KB

.text
Size: 716KB - Virtual size: 713KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 80KB - Virtual size: 922KB

.rsrc
Size: 632KB - Virtual size: 632KB