5a3f4ba13d3809f2e5201e8346317388ee058a3e09b144765e360a2528170c2eN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5a3f4ba13d3809f2e5201e8346317388ee058a3e09b144765e360a2528170c2eN.exe
Size

382KB
MD5

a3880921624612348de749f99812e8b0
SHA1

af8ce0ff8b693aaf2778ec7c91f09107004c9012
SHA256

5a3f4ba13d3809f2e5201e8346317388ee058a3e09b144765e360a2528170c2e
SHA512

9133e90b098b36b84904d9d26237162fe57ba947c6c942582380c5315d4cbf73b9a2a7b6da6b3220a63d0021b54a302dcbb45c50e70d387833a44469365c13d6
SSDEEP

6144:ZWXsbCcuRwIGTIekX0DdPohJI+80CHuoDSEiTGvZ8SHqQ5VWAPBV+UdvrEFp7hK7:4X13RwIGTIsohTOuoDSEEGvZ8SDPBjv9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a3f4ba13d3809f2e5201e8346317388ee058a3e09b144765e360a2528170c2eN.exe

Files

5a3f4ba13d3809f2e5201e8346317388ee058a3e09b144765e360a2528170c2eN.exe
.exe windows:4 windows x86 arch:x86

69142a2144af3dc6c5a012b75212b93f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw
MCIWndCreateA
DrawDibOpen
DrawDibClose

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GlobalAddAtomA
FileTimeToSystemTime
RaiseException
FileTimeToLocalFileTime
GlobalGetAtomNameA
HeapAlloc
GetModuleHandleA
RtlUnwind
HeapFree
TerminateProcess
HeapSize
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
GetCommandLineA
ExitProcess
SetUnhandledExceptionFilter
HeapDestroy
HeapReAlloc
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetDriveTypeA
_lopen
_llseek
_lclose
_lread
GlobalUnlock
GlobalFree
MulDiv
Sleep
lstrlenA
lstrcpyA
lstrcatA
UnmapViewOfFile
CloseHandle
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
WritePrivateProfileStringA
SetErrorMode
GetFileTime
GetProcessVersion
GetFileAttributesA
SizeofResource
LocalReAlloc
GlobalFlags
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
LocalAlloc
GetCurrentThread
GlobalDeleteAtom
GetEnvironmentStrings
GetLastError
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
lstrcmpA
SetLastError
LocalFree
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalAlloc
GlobalLock
GetSystemDirectoryA
GetPrivateProfileStringA
GetUserDefaultLangID
GetProfileStringA
lstrcmpiA
GetVersionExA
GetModuleFileNameA
WinExec
GetEnvironmentStringsW
SetHandleCount
HeapCreate

user32

CheckMenuItem
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
IntersectRect
ReleaseDC
GetDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ShowOwnedPopups
SetCursor
CharUpperA
DestroyMenu
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
WindowFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsDlgButtonChecked
SetDlgItemTextA
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
PostMessageA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
SetMenuItemBitmaps
ModifyMenuA
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsWindowEnabled
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetParent
SetCapture
ReleaseCapture
IsIconic
DrawIcon
LoadImageA
SetForegroundWindow
FindWindowA
IsChild
GetSysColor
GetForegroundWindow
CopyRect
GetSystemMetrics
MoveWindow
ShowWindow
PostQuitMessage
GetDesktopWindow
ClientToScreen
LoadIconA
UpdateWindow
GetSystemMenu
EnableMenuItem
MessageBoxA
InvalidateRect
ScreenToClient
GetWindowRect
FrameRect
InflateRect
SetRectEmpty
SetRect
SendMessageA
EnableWindow
GetClientRect
OffsetRect
SetWindowTextA
IsDialogMessageA
ScrollWindow
DefWindowProcA
GetKeyState
GetMenuItemID
IsWindowUnicode
UnregisterClassA
ShowCaret
ExcludeUpdateRgn
CharNextA
DefDlgProcA
HideCaret
DrawFocusRect

gdi32

RealizePalette
GetDeviceCaps
CreateCompatibleDC
CreateFontA
BitBlt
CreatePalette
CreateHalftonePalette
CreateDIBitmap
GetDIBits
GetViewportOrgEx
LPtoDP
GetStockObject
GetTextExtentPointA
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
PatBlt
ExtTextOutA
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkMode
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
StretchDIBits
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
SelectPalette
PtVisible
RectVisible
Escape
TextOutA
CreateDIBSection
DeleteObject
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69142a2144af3dc6c5a012b75212b93f

Headers

File Characteristics

Imports

msvfw32

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 23KB - Virtual size: 39KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 23KB - Virtual size: 39KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 14KB - Virtual size: 13KB