e45b1ec565f13b52d2a1e4336c86a5c08a6b67bc390d556aff76e1d358c75a0fN[.]exe

General

Target

e45b1ec565f13b52d2a1e4336c86a5c08a6b67bc390d556aff76e1d358c75a0fN.exe
Size

216KB
MD5

07063b42ab2c09c5d58c2489cb844870
SHA1

4ea6ed4e28a831a28c185aaae25f8f5cb6570b22
SHA256

e45b1ec565f13b52d2a1e4336c86a5c08a6b67bc390d556aff76e1d358c75a0f
SHA512

c50595779e97dbb8a6d97e5e424abe393ba54cdba6cafaf38f8514c56c1d703be7d79b025a5a90cc2e8e994165aa3f6f25cf82925de281055b3531d3ec5042c6
SSDEEP

3072:Zmrd+eMBRz0hQLBvBt0M1qCWzJP0ruTTBaClHpspom7ffrAmpx:Zmrd+eaKeLBf0dJ5TTBZbspom7bX3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e45b1ec565f13b52d2a1e4336c86a5c08a6b67bc390d556aff76e1d358c75a0fN.exe

Files

e45b1ec565f13b52d2a1e4336c86a5c08a6b67bc390d556aff76e1d358c75a0fN.exe
.exe windows:4 windows x86 arch:x86

985dd21d203841230bccb09e881584b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetCurrentDirectoryW
LocalFree
HeapCreate
LoadLibraryExW
GetTickCount
LocalUnlock
GetTimeFormatW
GetCommandLineW
GetModuleHandleA
ResetEvent
GetSystemTime
Sleep
SetLastError
FindVolumeClose
lstrlenA
CloseHandle
GetComputerNameA
UnmapViewOfFile
CreateFileA

user32

GetDlgItem
CallWindowProcA
GetComboBoxInfo
IsWindow
DrawEdge
DispatchMessageA
SetFocus
CheckRadioButton
GetDC
DrawMenuBar
GetKeyState
CreateWindowExA
FillRect

cryptui

WizardFree
CryptUIDlgSelectCA
CryptUIDlgSelectStoreA
CryptUIDlgCertMgr
LocalEnroll

hdwwiz.cpl

AddHardwareWizard

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pjimviw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

985dd21d203841230bccb09e881584b1

Headers

File Characteristics

Imports

kernel32

user32

cryptui

hdwwiz.cpl

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 32KB - Virtual size: 33KB

pjimviw Size: - Virtual size: 4KB

.text Size: 162KB - Virtual size: 164KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 32KB - Virtual size: 33KB

pjimviw
Size: - Virtual size: 4KB

.text
Size: 162KB - Virtual size: 164KB