a7d2335f5ae0c8d56b61a575f63d67adf75531b612f79159fe1ab188f6c95305N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a7d2335f5ae0c8d56b61a575f63d67adf75531b612f79159fe1ab188f6c95305N.exe
Size

185KB
MD5

e755860f7cecd6e6d29b4d05a9d57850
SHA1

1c763d478a8e15dde9b14df33b572c1e8e73c6c3
SHA256

a7d2335f5ae0c8d56b61a575f63d67adf75531b612f79159fe1ab188f6c95305
SHA512

bc129288c4f80da85ca4617789717c713e761ed106e40d90420d88bb5f5a58d48221373e916bffd5dd8f50c26ce093cc21c20e036512066b9584a9e1aec30766
SSDEEP

3072:pLNmKrY2wW7KultckLEael5a00ciGS6725W8ZRfCdzvFVK6/U8WRG5OXc:x1rN37KYtc1Nl5aYMi20SCNvn/iRAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7d2335f5ae0c8d56b61a575f63d67adf75531b612f79159fe1ab188f6c95305N.exe

Files

a7d2335f5ae0c8d56b61a575f63d67adf75531b612f79159fe1ab188f6c95305N.exe
.exe windows:4 windows x86 arch:x86

710af98167fc3c9fdafb160e83217262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfileOnILockBytes
CoGetClassObject
OleFlushClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleIsCurrentClipboard
CoInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoUninitialize
CLSIDFromProgID
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

gdi32

GetMapMode
PtVisible
TextOutW
ExtSelectClipRgn
RectVisible
SelectObject
ExtTextOutW
ScaleViewportExtEx
SetViewportOrgEx
DeleteDC
Escape
GetDeviceCaps
SetWindowExtEx
GetBkColor
GetStockObject
OffsetViewportOrgEx
ScaleWindowExtEx
GetTextColor
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

kernel32

InterlockedDecrement
SetFileTime
GetCalendarInfoW
FindFirstFileW
GetFileAttributesW
CreateFileW
lstrcpyW
SetFilePointer
GetThreadContext
GetCurrentDirectoryW
WideCharToMultiByte
FindClose
RemoveDirectoryW
LoadLibraryW
GetVersion
MultiByteToWideChar
GetSystemDefaultLangID
GetModuleFileNameW
SystemTimeToFileTime
EnumResourceNamesA
DeleteFileW
EnumResourceLanguagesW
ExitProcess
GetCurrentProcessId
CreateDirectoryW
ReadFile
FindNextFileW
LocalFileTimeToFileTime
WriteFile
GetLocaleInfoW
ConvertDefaultLocale
MoveFileW
GetProcAddress

shlwapi

PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SetPropW
RemovePropW
GetNextDlgTabItem
CopyAcceleratorTableW
GetClassLongW
CreateWindowExW
SendDlgItemMessageA
InvalidateRect
CharUpperW
CharNextW
RegisterWindowMessageW
GetNextDlgGroupItem
GetPropW
WinHelpW
IsRectEmpty
GetClassInfoExW
InvalidateRgn
SetRect
MessageBeep
DestroyMenu

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

710af98167fc3c9fdafb160e83217262

Headers

File Characteristics

Imports

ole32

gdi32

shell32

advapi32

kernel32

shlwapi

oleacc

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 244KB