1be08df5fad3959f56d0c47e78618ec463c7875953e773231fd56bd287e5fbcfN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1be08df5fad3959f56d0c47e78618ec463c7875953e773231fd56bd287e5fbcfN.exe
Size

352KB
MD5

331090c2d8a9818e6e32e8e94f8b2a00
SHA1

ba951018593d13e71578774ad3bee187169e8cd9
SHA256

1be08df5fad3959f56d0c47e78618ec463c7875953e773231fd56bd287e5fbcf
SHA512

7c9b3f51e8546eaa001c85b77abd302b59b9a0fa0819d16673ed17f8f87cfdd6808871b8fb452bd5421a57bbe84cff48dcd5f962d7dfaf48ac9fccce154aaa3b
SSDEEP

6144:h042z/mcLr2BY/EhCdcft75Fs06Yrj81jjOuuDlUBV+UdvrEFp7hK1D7:O42LhrfE64oBjvrEH7aX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1be08df5fad3959f56d0c47e78618ec463c7875953e773231fd56bd287e5fbcfN.exe

Files

1be08df5fad3959f56d0c47e78618ec463c7875953e773231fd56bd287e5fbcfN.exe
.dll windows:4 windows x86 arch:x86

0cdda5d1125f31a77da0991b5f37e059

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

AddAtomA
FreeLibrary
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryExA
GlobalFree
LockResource
LoadResource
FindResourceA
FindResourceExA
LoadLibraryA
lstrcmpA
lstrcpynA
GetFileSize
SetErrorMode
RemoveDirectoryA
SetFilePointer
WaitForSingleObject
CreateMutexA
ReleaseMutex
CopyFileA
FindClose
FindFirstFileA
SetFileAttributesA
GetVersion
MoveFileA
GetSystemDirectoryA
GetShortPathNameA
GetAtomNameA
WideCharToMultiByte
MapViewOfFile
CreateFileMappingA
SizeofResource
LeaveCriticalSection
EnterCriticalSection
SetFileTime
CreateProcessA
WritePrivateProfileStringA
CompareStringW
FreeResource
VirtualQuery
VirtualProtect
SearchPathA
SetEvent
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
GetCurrentProcess
GetCurrentThread
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
MoveFileExA
GetDiskFreeSpaceA
GetLastError
SetLastError
lstrcatA
GetSystemDefaultLangID
lstrlenA
lstrcmpiA
lstrcpyA
MultiByteToWideChar
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
CreateDirectoryA
SetStdHandle
FlushFileBuffers
ReadFile
GetModuleHandleA
GetProcAddress
CreateEventA
Sleep
WriteFile
InterlockedIncrement
QueryPerformanceFrequency
InterlockedDecrement
GetTickCount
GetTempFileNameA
GetFileAttributesA
CreateFileA
GetWindowsDirectoryA
GetTempPathA
GetVersionExA
CloseHandle
DeleteFileA
LocalFileTimeToFileTime
CompareStringA
IsBadCodePtr
lstrlenW
DosDateTimeToFileTime
GlobalSize
FindNextFileA
UnmapViewOfFile
LCMapStringA
SetUnhandledExceptionFilter
LCMapStringW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
GetFileType
FreeEnvironmentStringsA
SetHandleCount
HeapCreate
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
VirtualAlloc
VirtualFree
IsBadWritePtr
TlsFree
TlsAlloc
TlsGetValue
GetCurrentThreadId
HeapSize
TlsSetValue
ExitProcess
RaiseException
TerminateProcess
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
InterlockedExchange
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW

user32

SetWindowLongA
DialogBoxIndirectParamA
SendMessageA
wsprintfA
MessageBoxA
GetDlgItem
DispatchMessageA
SendNotifyMessageA
ReleaseDC
GetDC
CreateDialogParamA
LoadImageA
SetWindowTextA
TranslateMessage
IsDialogMessageA
PeekMessageA
GetSysColor
IsWindow
LoadIconA
EndDialog
MoveWindow
SetDlgItemTextA
GetWindowRect
GetWindowLongA
IsWindowEnabled
EnableWindow
GetClientRect
SetForegroundWindow
CreateDialogIndirectParamA
DestroyWindow
SetActiveWindow
SetPropA
ShowWindow
DefWindowProcA
EnableMenuItem
GetPropA
CharNextA
GetMessageA
CreateWindowExA
GetDialogBaseUnits
GetClassNameA
PostMessageA
SetFocus
CallWindowProcA
GetParent
MsgWaitForMultipleObjects
CharLowerBuffA
GetSystemMetrics
GetWindow
SystemParametersInfoA
GetDlgItemTextA
MapWindowPoints
SetWindowPos
BeginPaint
IsDlgButtonChecked
CheckDlgButton
FillRect
EndPaint
LoadStringA
GetWindowTextA
ScreenToClient
SendDlgItemMessageA
GetDesktopWindow
GetWindowPlacement
CharLowerA
RemovePropA
GetWindowTextLengthA

gdi32

DeleteDC
SelectObject
RealizePalette
UnrealizeObject
CreateCompatibleDC
SelectPalette
GetDeviceCaps
CreateHalftonePalette
GetObjectA
GetSystemPaletteEntries
GetDIBColorTable
CreatePalette
DeleteObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPointA
SetBkColor
TextOutA
SetTextColor
RestoreDC
SaveDC
SetBkMode
BitBlt

advapi32

RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyExA
AllocateAndInitializeSid
RegQueryValueA
FreeSid
EqualSid
OpenThreadToken
GetTokenInformation
OpenProcessToken

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc
ShellExecuteExA
SHGetPathFromIDListA

ole32

CoUninitialize
ProgIDFromCLSID
CoLoadLibrary
CoCreateGuid
CoInitialize
StringFromGUID2
CoTaskMemFree

oleaut32

CreateErrorInfo
VariantChangeType
VariantCopy
LoadTypeLi
RegisterTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SetErrorInfo
VariantClear
GetErrorInfo
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

Exports

Exports

FindCorrectLauncher
Start
UseXPTheme

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cdda5d1125f31a77da0991b5f37e059

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 64KB - Virtual size: 61KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 64KB - Virtual size: 61KB

.reloc
Size: 16KB - Virtual size: 12KB