6d89a99510a6172e9ed4829f63b95971a3caf09f6df8faa5b1fe6bc79c0abe0aN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6d89a99510a6172e9ed4829f63b95971a3caf09f6df8faa5b1fe6bc79c0abe0aN.exe
Size

452KB
MD5

b5e39fa240670ce47287aea2692b0eb0
SHA1

3460b33a8714cd946a5e7a55d23ca0728541829a
SHA256

6d89a99510a6172e9ed4829f63b95971a3caf09f6df8faa5b1fe6bc79c0abe0a
SHA512

aed6be4508e14f85fd637d5a0c2ad384d93f342a435e8954461f09b294fb20d6f41e30d9986228b73cd4296a3d8584efb3b64b85a75c7b1896291ad94c9404c3
SSDEEP

12288:ma5nmns2C5E9KYS2wiMUIgdNdsfmBvgwjo:QSOMj4NWW4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d89a99510a6172e9ed4829f63b95971a3caf09f6df8faa5b1fe6bc79c0abe0aN.exe

Files

6d89a99510a6172e9ed4829f63b95971a3caf09f6df8faa5b1fe6bc79c0abe0aN.exe
.exe windows:5 windows x86 arch:x86

6661d0390b02fa9f418b5c5bdbc5d764

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetEndOfFile
GetSystemInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
TerminateThread
WaitForMultipleObjects
GetTickCount
SetEnvironmentVariableA
WriteConsoleW
CreateFileA
FlushFileBuffers
SetStdHandle
LoadLibraryW
GetSystemTimeAsFileTime
VirtualFree
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
LCMapStringW
GetConsoleMode
GetConsoleCP
GetStringTypeW
CompareStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
SetHandleCount
ExitProcess
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStdHandle
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
RtlUnwind
EncodePointer
DecodePointer
InterlockedPopEntrySList
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
InterlockedExchange
OpenFileMappingW
SleepEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
OpenMutexW
CreateMutexW
LocalFree
GetProcessHeap
lstrcmpiW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateProcessW
GetExitCodeProcess
SetLastError
GetCurrentThreadId
lstrcpynW
lstrcmpW
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetLocalTime
GetLastError
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryExW
FreeLibrary
GetModuleHandleW
GetModuleFileNameW
ResetEvent
WaitForSingleObject
SetEvent
CreateEventW
ReadFile
SetFilePointer
CreateFileW
WriteFile
CloseHandle
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GetCurrentProcessId

user32

ClientToScreen
CharNextW
GetActiveWindow
DialogBoxParamW
CallWindowProcW
CreateWindowExW
ScreenToClient
GetDC
MessageBoxW
CharUpperBuffA
CharUpperBuffW
PostMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDlgCtrlID
SetCursor
GetCursorPos
GetKeyState
DestroyMenu
TrackPopupMenu
InsertMenuW
CreatePopupMenu
CharUpperA
ReleaseDC
RegisterClassExW
GetSystemMetrics
wsprintfW
SetWindowLongW
GetWindowLongW
SendMessageW
SetWindowTextW
SetWindowPos
GetWindowPlacement
InvalidateRect
ShowWindow
EnableWindow
SetFocus
IsChild
GetDlgItem
GetWindow
GetTopWindow
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetParent
DrawTextW
EndDialog
UnregisterClassA
DestroyWindow
GetFocus
IsWindow
LoadImageW
InflateRect
GetClassInfoExW
LoadCursorW
FillRect
GetSysColorBrush
DrawFocusRect
GetSysColor
MessageBeep
SendDlgItemMessageW
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW

gdi32

DeleteObject
GetStockObject
DeleteDC
SetBkColor
SetBkMode
SetTextColor
ExtTextOutW
CreateFontIndirectW
GetTextExtentPoint32W
CreatePen
PatBlt
MoveToEx
LineTo
Rectangle
GetTextMetricsW
CreatePatternBrush
CreateBitmap
GetObjectW
SelectObject

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
CopySid
OpenProcessToken
LookupAccountNameW

ole32

CoFileTimeNow
CoCreateGuid
StringFromGUID2
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

SysStringLen
VarUI4FromStr
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocString
SysFreeString

comctl32

InitCommonControlsEx

ws2_32

socket
connect
WSASocketW
bind
listen
setsockopt
getaddrinfo
freeaddrinfo
gethostname
gethostbyname
htons
ntohs
shutdown
inet_ntoa
WSACleanup
WSAStartup
sendto
select
recvfrom
recv
WSASetLastError
getpeername
getsockname
getsockopt
WSAGetLastError
inet_addr
closesocket
inet_ntop

iphlpapi

GetIpAddrTable

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

\W ��u/
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6661d0390b02fa9f418b5c5bdbc5d764

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

ws2_32

iphlpapi

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 10KB - Virtual size: 22KB

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 29KB - Virtual size: 29KB

\W ��u/ Size: 16KB - Virtual size: 20KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 10KB - Virtual size: 22KB

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 29KB - Virtual size: 29KB

\W ��u/
Size: 16KB - Virtual size: 20KB