6d9f9e320e0c1d0d4d4f9d750ee8acb24804bda85246572a2cbf47304721452aN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6d9f9e320e0c1d0d4d4f9d750ee8acb24804bda85246572a2cbf47304721452aN.exe
Size

174KB
MD5

f05841566fd46101e8ac0843bfe52af0
SHA1

82b433c81dd763598ba45a4d11feadc9b1d724ca
SHA256

6d9f9e320e0c1d0d4d4f9d750ee8acb24804bda85246572a2cbf47304721452a
SHA512

2a4309dbe9fd8d3613a5bbc9ce620f9333dfc801d8345e1d0ce07221fa43680b11e243b8b21d41f80dbbec3c77361425c9cb53909dfb523c1e74168f77d3337d
SSDEEP

3072:C22Azyo0VnGnAvTuXXwedA4Hk7iRnLQ9E594BeKLI8G:C2vQnG0iLA4fnLQ9k94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d9f9e320e0c1d0d4d4f9d750ee8acb24804bda85246572a2cbf47304721452aN.exe

Files

6d9f9e320e0c1d0d4d4f9d750ee8acb24804bda85246572a2cbf47304721452aN.exe
.exe windows:4 windows x86 arch:x86

8900a68f794a3bb20342aba1dfcab96e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAppendW

user32

RegisterClassW
GetForegroundWindow
IsIconic
GetPropW
WinHelpW
LoadIconW
GetClientRect
SetForegroundWindow
GetNextDlgTabItem
GetClassInfoExW
EqualRect
SetPropW
CharUpperW
CharNextW
MapWindowPoints
GetMessagePos
IsWindow
CreateWindowExW
GetClassInfoW
GetNextDlgGroupItem
CallWindowProcW
IsRectEmpty
RemovePropW
GetClassLongW
OffsetRect
IntersectRect
SendDlgItemMessageA
GetMessageTime
DefWindowProcW
RegisterWindowMessageW
GetTopWindow
SetRect
UpdateWindow
GetMenu
SetActiveWindow
InvalidateRgn
InvalidateRect
AdjustWindowRectEx
IsChild
GetWindowPlacement
CopyAcceleratorTableW
MessageBeep
DestroyMenu

gdi32

ScaleWindowExtEx
GetBkColor
RestoreDC
ExtTextOutW
PtVisible
ExtSelectClipRgn
GetTextColor
SetViewportOrgEx
SaveDC
GetObjectW
GetViewportExtEx
GetWindowExtEx
SelectObject
OffsetViewportOrgEx
DeleteObject
GetDeviceCaps
ScaleViewportExtEx
DeleteDC
SetWindowExtEx
SetBkColor
RectVisible
GetRgnBox
TextOutW
Escape
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetMapMode
SetViewportExtEx
SetMapMode
CreateRectRgnIndirect

ole32

CoCreateInstance
CreateILockBytesOnHGlobal
CoUninitialize
CoGetClassObject
CLSIDFromProgID
OleIsCurrentClipboard
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoInitialize
CoTaskMemFree
OleFlushClipboard
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString

comdlg32

GetFileTitleW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyW
RegQueryInfoKeyW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW

kernel32

GetModuleFileNameW
LocalFileTimeToFileTime
GetLocaleInfoW
GetCurrentProcessId
GetCalendarInfoW
lstrcmpiA
FindFirstFileW
DeleteFileW
GetCurrentDirectoryW
CreateMutexW
WideCharToMultiByte
FreeLibrary
GetThreadLocale
lstrcpyW
GetSystemDefaultLangID
InitializeCriticalSection
SetFileTime
GetThreadContext
DeleteCriticalSection
GetACP
InterlockedExchange
CreateDirectoryW
LockResource
CreateFileW
InterlockedDecrement
RaiseException
EnumResourceNamesA
GetVersion
WaitForSingleObject
VirtualFree
GetVersionExW
CloseHandle
GetLocaleInfoA
GetModuleHandleW
ExitProcess
WriteFile
MoveFileW
RemoveDirectoryW
LoadLibraryW
SystemTimeToFileTime
GetFileAttributesW
SetFilePointer
FindNextFileW
FindResourceW
FindClose
LoadResource
GetProcAddress
EnumResourceLanguagesW
ReleaseMutex
ConvertDefaultLocale
ReadFile
SizeofResource
MultiByteToWideChar
lstrcmpA

oledlg

OleUIBusyW

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8900a68f794a3bb20342aba1dfcab96e

Headers

File Characteristics

Imports

shlwapi

user32

gdi32

ole32

comdlg32

shell32

winspool.drv

advapi32

kernel32

oledlg

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 92KB