f01ac29b0239a586e7c20a49703654a59a1dd41b165eeb4cf526558e06cb1116[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

f01ac29b0239a586e7c20a49703654a59a1dd41b165eeb4cf526558e06cb1116.exe
Size

547KB
MD5

c1cb09793d3039ff6c3c186a76104695
SHA1

563140bfcd1f9c698eea77808c19888c888a7b64
SHA256

f01ac29b0239a586e7c20a49703654a59a1dd41b165eeb4cf526558e06cb1116
SHA512

2b40b6e327e27edc2abaf0076cec2a801eccfef41549ee67c69b7b205b6d94bec6b997d62bebc3c1a157eed328f18851dff04397f43339d71336431975b048c3
SSDEEP

6144:OI/nB/9B0JQjRIntsEt45OvoU4Djn+sSAdfTmFdSm4FI/nNYV03S8ytG5dHL+SNU:O6vWJEut/oUaLd7lFI/nHDXZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f01ac29b0239a586e7c20a49703654a59a1dd41b165eeb4cf526558e06cb1116.exe

Files

f01ac29b0239a586e7c20a49703654a59a1dd41b165eeb4cf526558e06cb1116.exe
.dll windows:6 windows x86 arch:x86

73b26bbc180ebcc2612d1a8830822aff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

usp10.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
_iob
isleadbyte
memcpy
memset
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_errno
memmove
_vsnprintf

kernel32

IsValidLocale
GetLocaleInfoW
GetACP
GetProcAddress
GetLastError
InterlockedIncrement
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetProfileIntA
GetProfileStringA
lstrcmpiA
CreateFileA
ReadFile
CloseHandle
LoadLibraryA
InitializeCriticalSection
GetUserDefaultLCID
GetVersionExA
HeapCreate
DeleteCriticalSection
HeapDestroy
DisableThreadLibraryCalls
HeapAlloc
InterlockedExchange
HeapFree
IsDBCSLeadByte
FindResourceA
LoadResource
LockResource
Sleep
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
ConvertDefaultLocale

user32

GetSystemMetrics
CharUpperW
GetDC
GetSysColor
SetRect
ReleaseDC

gdi32

GetTextExtentExPointW
GetTextExtentExPointA
GetObjectW
Ellipse
CreateSolidBrush
LineTo
CreatePen
GetStockObject
GetTextColor
DeleteDC
SetGraphicsMode
GetGraphicsMode
CreateCompatibleDC
MoveToEx
SetBkMode
GetObjectType
ExtTextOutA
GetBkMode
ExtTextOutW
GetTextMetricsW
CreateFontA
CreateFontIndirectW
TranslateCharsetInfo
GetFontData
GetCharWidthA
DPtoLP
GetGlyphOutlineA
GetTextCharset
GetDeviceCaps
GetTextFaceA
GetOutlineTextMetricsA
GetTextFaceW
GetOutlineTextMetricsW
GetTextMetricsA
SelectObject
CreateFontIndirectA
GetObjectA
GetCurrentObject
GetViewportExtEx
GetWindowExtEx
EnumFontFamiliesExW
SetTextAlign
SetTextColor
SetBkColor
GetTextAlign
GetCurrentPositionEx
DeleteObject

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Exports

Exports

LpkPresent
ScriptApplyDigitSubstitution
ScriptApplyLogicalWidth
ScriptBreak
ScriptCPtoX
ScriptCacheGetHeight
ScriptFreeCache
ScriptGetCMap
ScriptGetFontAlternateGlyphs
ScriptGetFontFeatureTags
ScriptGetFontLanguageTags
ScriptGetFontProperties
ScriptGetFontScriptTags
ScriptGetGlyphABCWidth
ScriptGetLogicalWidths
ScriptGetProperties
ScriptIsComplex
ScriptItemize
ScriptItemizeOpenType
ScriptJustify
ScriptLayout
ScriptPlace
ScriptPlaceOpenType
ScriptPositionSingleGlyph
ScriptRecordDigitSubstitution
ScriptShape
ScriptShapeOpenType
ScriptStringAnalyse
ScriptStringCPtoX
ScriptStringFree
ScriptStringGetLogicalWidths
ScriptStringGetOrder
ScriptStringOut
ScriptStringValidate
ScriptStringXtoCP
ScriptString_pLogAttr
ScriptString_pSize
ScriptString_pcOutChars
ScriptSubstituteSingleGlyph
ScriptTextOut
ScriptXtoCP
UspAllocCache
UspAllocTemp
UspFreeMem

Sections

.text
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73b26bbc180ebcc2612d1a8830822aff

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 343KB - Virtual size: 342KB

.data Size: 62KB - Virtual size: 61KB

Shared Size: 7KB - Virtual size: 7KB

.rsrc Size: 71KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 343KB - Virtual size: 342KB

.data
Size: 62KB - Virtual size: 61KB

Shared
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 71KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB