d:\workspace\visual\crypto_c_5.4\build\ms\Release\inicrypto_v5.4.1.pdb
Static task
static1
Behavioral task
behavioral1
Sample
6f3103f74f861b0c3b334809324da14ff816e5b45b719e292211da1cdf15d2daN.dll
Resource
win7-20240903-en
General
-
Target
6f3103f74f861b0c3b334809324da14ff816e5b45b719e292211da1cdf15d2daN.exe
-
Size
1.1MB
-
MD5
bee6fb1a8420b927f5246a3c37cc9a30
-
SHA1
16875b576cc53786a58511f680f26501454f2df7
-
SHA256
6f3103f74f861b0c3b334809324da14ff816e5b45b719e292211da1cdf15d2da
-
SHA512
6bdf7029dba1aad0b408a9babc49271935791bf4e46e46f7dd7bc2ebbbed7a5866a361739050a71525b837307e582847861d7f49e319983501df1557d9e16086
-
SSDEEP
24576:y0DWJipllr/87vToQadXAhfupPEQM8Cv8Cm4oYhlKrEH7k:N/XGfupPPC0CposY
Malware Config
Signatures
-
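Unsigned PE (1 IoC)
The PE file carries no Authenticode signature. On its own this is a weak signal, since many legitimate builds are unsigned; weigh it together with the imports, exports and any behavioral findings.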
resource 6f3103f74f861b0c3b334809324da14ff816e5b45b719e292211da1cdf15d2daN.exe
Files
-
6f3103f74f861b0c3b334809324da14ff816e5b45b719e292211da1cdf15d2daN.exe.dll windows:5 windows x86 arch:x86
1c627c61009004060ceb00ad3f21728e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
WSAStartup
kernel32
GetCurrentProcess
WideCharToMultiByte
LoadLibraryW
MultiByteToWideChar
GetProcAddress
GetVersion
GetCurrentProcessId
DisableThreadLibraryCalls
MapViewOfFile
UnmapViewOfFile
FreeLibrary
HeapAlloc
QueryPerformanceCounter
HeapFree
GetTickCount
GetCurrentThread
GetProcessHeap
CloseHandle
OpenProcess
Sleep
GetSystemPowerStatus
GetLocalTime
OpenFileMappingW
GetCurrentThreadId
CreateMutexA
GetVersionExW
SetEndOfFile
HeapSize
ReleaseMutex
WaitForSingleObject
FlushFileBuffers
GetProcessTimes
TlsSetValue
GetSystemTimeAsFileTime
GetLastError
HeapReAlloc
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
GetModuleHandleA
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
ReadFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
user32
GetClipboardViewer
GetForegroundWindow
GetCursorPos
GetDesktopWindow
advapi32
CryptReleaseContext
ole32
CoCreateGuid
iphlpapi
GetUdpStatistics
GetIpStatistics
GetTcpStatistics
Exports
ISC_Add_BIGINT
ISC_Add_BIGINT_Word
ISC_Add_EMSA_PKCS1_v1_5_Encode
ISC_Add_RSASSA_PKCS1_PSS_Encode
ISC_BIGINT_To_Binary
ISC_BIGINT_To_Binary_Unsigned
ISC_BIGINT_To_DEC
ISC_BIGINT_To_HEX
ISC_BLOCK_CIPHER
ISC_BLOCK_CIPHER_MAC
ISC_Binary_To_BIGINT
ISC_CBC_MAC
ISC_Calloc
ISC_Change_Non_Proven_Mode
ISC_Check_EMSA_PKCS1_v1_5_Encode
ISC_Check_RSASSA_PKCS1_PSS_Encode
ISC_Clean_BLOCK_CIPHER_MAC_Unit
ISC_Clean_BLOCK_CIPHER_Unit
ISC_Clean_CBC_MAC_Unit
ISC_Clean_DH
ISC_Clean_DH_Params
ISC_Clean_DIGEST_Unit
ISC_Clean_DSA
ISC_Clean_ECC_Key
ISC_Clean_ECDH
ISC_Clean_ECDSA
ISC_Clean_ECKCDSA
ISC_Clean_ECPOINT
ISC_Clean_ECURVE
ISC_Clean_HMAC_Unit
ISC_Clean_KCDSA
ISC_Clean_PRNG_Unit
ISC_Clean_RC4_Unit
ISC_Clean_RSA
ISC_Clear_BIGINT
ISC_Clear_BIGINT_Pool
ISC_Cmp_BIGINT
ISC_Compute_ECDH_Key
ISC_Compute_Key
ISC_Copy_BIGINT
ISC_Crypto_Initialize
ISC_Crypto_Self_Test
ISC_DES_MAC
ISC_DIGEST
ISC_Decode_RSAES_OAEP_PADDING
ISC_Decode_RSAES_PKCS1_PADDING
ISC_Decrypt_RSAES
ISC_Div_BIGINT
ISC_Div_BIGINT_Word
ISC_DoFinal_Advanced_BLOCK_CIPHER
ISC_Do_RC4
ISC_Dump_BIGINT
ISC_Dup_BIGINT
ISC_Dup_RSA
ISC_Encode_RSAES_OAEP_PADDING
ISC_Encode_RSAES_PKCS1_PADDING
ISC_Encrypt_RSAES
ISC_Final_BLOCK_CIPHER
ISC_Final_BLOCK_CIPHER_MAC
ISC_Final_CBC_MAC
ISC_Final_DIGEST
ISC_Final_DSA
ISC_Final_ECDSA
ISC_Final_ECKCDSA
ISC_Final_HMAC
ISC_Final_KCDSA
ISC_Final_RSASSA
ISC_Finish_BIGINT_Pool
ISC_Free
ISC_Free_BIGINT
ISC_Free_BIGINT_Pool
ISC_Free_BLOCK_CIPHER_MAC_Unit
ISC_Free_BLOCK_CIPHER_Unit
ISC_Free_CBC_MAC_Unit
ISC_Free_DH
ISC_Free_DH_Params
ISC_Free_DIGEST_Unit
ISC_Free_DSA
ISC_Free_ECC_Key
ISC_Free_ECDH
ISC_Free_ECDSA
ISC_Free_ECKCDSA
ISC_Free_ECPOINT
ISC_Free_ECURVE
ISC_Free_Ex
ISC_Free_HMAC_Unit
ISC_Free_KCDSA
ISC_Free_PRNG_Unit
ISC_Free_RC4_Unit
ISC_Free_RSA
ISC_Generate_BIGINT_Prime
ISC_Generate_BIGINT_Prime_Ex
ISC_Generate_DH_Key_Pair
ISC_Generate_DH_Params
ISC_Generate_DSA_Key_Pair
ISC_Generate_DSA_Params
ISC_Generate_ECDH_Key_Pair
ISC_Generate_ECDSA_Key_Pair
ISC_Generate_ECKCDSA_Key_Pair
ISC_Generate_KCDSA_Key_Pair
ISC_Generate_KCDSA_Key_Pair_Ex
ISC_Generate_KCDSA_Params
ISC_Generate_KCDSA_Params_Ex
ISC_Generate_RSA_Params
ISC_Generate_RSA_Params_Ex
ISC_Get_BIGINT_Bits_Length
ISC_Get_BIGINT_Pool
ISC_Get_BIGINT_Word
ISC_Get_Block_Alg_ID
ISC_Get_Block_Alg_Name
ISC_Get_Block_Length
ISC_Get_Crypto_Status
ISC_Get_Crypto_Version
ISC_Get_DH_PARAMS_Length
ISC_Get_DIGEST_Alg_ID
ISC_Get_DIGEST_Alg_ID_By_Name
ISC_Get_DIGEST_Alg_Name
ISC_Get_DIGEST_Length
ISC_Get_ECC_Byte_Length
ISC_Get_Error_String
ISC_Get_HMAC_Name
ISC_Get_IV_Length
ISC_Get_Initialize_Error
ISC_Get_KCDSA_Length
ISC_Get_Key_Length
ISC_Get_Mode_Name
ISC_Get_RSA_Length
ISC_Get_Rand
ISC_Get_Rand_BIGINT
ISC_Get_Rand_BIGINT_Ex
ISC_Get_Rand_DSA_BIGINT
ISC_Get_Reason_String
ISC_HEX_To_BIGINT
ISC_HMAC
ISC_Init_Advanced_BLOCK_CIPHER
ISC_Init_BIGINT
ISC_Init_BLOCK_CIPHER
ISC_Init_BLOCK_CIPHER_MAC
ISC_Init_CBC_MAC
ISC_Init_DH
ISC_Init_DIGEST
ISC_Init_DSA
ISC_Init_ECDSA
ISC_Init_ECKCDSA
ISC_Init_HMAC
ISC_Init_KCDSA
ISC_Init_KCDSA_Ex
ISC_Init_PRNG
ISC_Init_RC4
ISC_Init_RSAES
ISC_Init_RSASSA
ISC_Is_BIGINT_Bit_Set
ISC_Is_BIGINT_Prime
ISC_Is_BIGINT_Prime_Ex
ISC_Is_Proven
ISC_Malloc
ISC_Mod_BIGINT_Word
ISC_Mod_Exp_BIGINT
ISC_Mod_Exp_Mont_BIGINT
ISC_Mod_Inverse_BIGINT
ISC_Mod_Mtp_BIGINT
ISC_Mod_Sub_BIGINT
ISC_Mtp_BIGINT
ISC_Mtp_BIGINT_Word
ISC_New_BIGINT
ISC_New_BIGINT_Pool
ISC_New_BLOCK_CIPHER_MAC_Unit
ISC_New_BLOCK_CIPHER_Unit
ISC_New_CBC_MAC_Unit
ISC_New_DH
ISC_New_DH_Params
ISC_New_DIGEST_Unit
ISC_New_DSA
ISC_New_ECC_Key
ISC_New_ECDH
ISC_New_ECDSA
ISC_New_ECKCDSA
ISC_New_ECPOINT
ISC_New_ECURVE
ISC_New_HMAC_Unit
ISC_New_KCDSA
ISC_New_PRNG_Unit
ISC_New_RC4_Unit
ISC_New_RSA
ISC_PBKDF2
ISC_Print_BIGINT
ISC_Print_Error_String
ISC_Rand_BIGINT
ISC_Rand_BIGINT_Ex
ISC_Rand_Bytes
ISC_Rand_Bytes_DRBG
ISC_Rand_Bytes_PRNG
ISC_Realloc
ISC_Set_BIGINT_Bit
ISC_Set_BIGINT_Word
ISC_Set_DH_Params
ISC_Set_DSA_Params
ISC_Set_ECC_Key_Params
ISC_Set_ECC_Key_Params_Ex
ISC_Set_ECDH_Params
ISC_Set_ECDH_Params_Ex
ISC_Set_ECDSA_Params
ISC_Set_ECDSA_Params_Ex
ISC_Set_ECKCDSA_Params
ISC_Set_ECKCDSA_Params_Ex
ISC_Set_ECURVE_Params
ISC_Set_ECURVE_Params_Ex
ISC_Set_KCDSA_Params
ISC_Set_RSA_Params
ISC_Set_RSA_Public_Params
ISC_Sign_DSA
ISC_Sign_KCDSA
ISC_Sign_RSASSA
ISC_Sqr_BIGINT
ISC_Start_BIGINT_Pool
ISC_Sub_BIGINT
ISC_Sub_BIGINT_Word
ISC_Swap_BIGINT
ISC_Uninstantiate_DRBG
ISC_Update_BLOCK_CIPHER
ISC_Update_BLOCK_CIPHER_MAC
ISC_Update_CBC_MAC
ISC_Update_DIGEST
ISC_Update_DSA
ISC_Update_ECDSA
ISC_Update_ECKCDSA
ISC_Update_HMAC
ISC_Update_KCDSA
ISC_Update_RSASSA
ISC_Validate_ECC_Pub_Key
ISC_Value_One_BIGINT
ISC_Value_Zero_BIGINT
ISC_Verify_DSA
ISC_Verify_KCDSA
ISC_Verify_RSASSA
Sections
.text Size: 598KB - Virtual size: 598KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 141KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ