a46205471aaa69484882f3eca7487f4fd4de02ba92644596deec477d947af2f8N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a46205471aaa69484882f3eca7487f4fd4de02ba92644596deec477d947af2f8N.exe
Size

257KB
MD5

6ab87ded111268119ce1417f9ece8c70
SHA1

895a4ad32c39b6930d009d9e9d50669989eb5c9b
SHA256

a46205471aaa69484882f3eca7487f4fd4de02ba92644596deec477d947af2f8
SHA512

36c930370271db3c42522e29302f4e596725b0112bc160c30cb67561505eeea14d941c3ee3e8d0120b64d18fe37b425462e739136d26fdc2e38fd56ab35729f1
SSDEEP

6144:sZTlnN3HxAhazaSK4QM5HTPmOFGOGt/HqixmyYVgGo5n:mUM5LFfG5dfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a46205471aaa69484882f3eca7487f4fd4de02ba92644596deec477d947af2f8N.exe

Files

a46205471aaa69484882f3eca7487f4fd4de02ba92644596deec477d947af2f8N.exe
.exe windows:4 windows x86 arch:x86

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCloseInfFile
SetupCopyOEMInfW
SetupDiGetINFClassW
SetupGetInfFileListW
SetupOpenInfFileW
SetupUninstallOEMInfW
SetupGetLineTextW

ole32

CoUninitialize
StringFromGUID2
CoTaskMemFree
CoInitialize
CoInitializeEx
CoCreateInstance

user32

DispatchMessageW
GetMessageW
IsWindowUnicode
GetMessageA
MsgWaitForMultipleObjectsEx
PeekMessageW
DispatchMessageA
TranslateMessage

kernel32

VirtualAlloc
DeleteCriticalSection
VerSetConditionMask
CreateEventW
FlushFileBuffers
TlsGetValue
WriteConsoleA
CloseHandle
SetHandleCount
GetCurrentThreadId
ExitThread
OutputDebugStringW
GetConsoleCP
GetCommandLineW
GetSystemInfo
FreeLibrary
GetModuleHandleW
GetConsoleMode
LCMapStringA
SetUnhandledExceptionFilter
LCMapStringW
GetModuleHandleA
HeapDestroy
GetSystemDirectoryW
SizeofResource
ReadFile
DeleteFileW
VerifyVersionInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
LoadResource
TerminateThread
LocalFree
RtlUnwind
UnhandledExceptionFilter
OpenProcess
GetConsoleOutputCP
FindResourceW
GetFileSize
EnterCriticalSection
WaitForMultipleObjects
lstrlenW
SetLastError
HeapFree
SetFilePointer
GetStdHandle
WriteFile
IsDebuggerPresent
HeapSize
LeaveCriticalSection
CreateThread
HeapReAlloc
WaitForSingleObject
GetSystemTimeAsFileTime
GetLocalTime
WriteConsoleW
GetACP
LoadLibraryExW
VirtualFree
GetOEMCP
GetProcessHeap
TlsSetValue
TlsAlloc
ResetEvent
FreeEnvironmentStringsW
CreateFileW
LockResource
IsValidCodePage
SetStdHandle
HeapAlloc
TlsFree
WideCharToMultiByte
ResumeThread
CreateFileA
RaiseException
SetFileAttributesW
FindResourceExW
GetFullPathNameA
VirtualAllocEx
LocalAlloc

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathW

advapi32

RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
TraceMessage
RegDeleteValueW

shlwapi

SHCopyKeyW
PathIsUNCServerW
PathStripPathW
SHDeleteKeyW
PathFileExistsW
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

dbghelp

MakeSureDirectoryPathExists
SymEnumerateSymbolsW
SymLoadModuleEx
ImageRvaToVa
SymGetSymNext
SymLoadModule64
SymGetTypeFromName
SymGetLineNext64
UnDecorateSymbolName
SymSetContext
SymGetModuleInfo
SymGetSymFromAddr64
EnumerateLoadedModules
SymGetSymPrev64

printui

PrinterPropPageProvider
DocumentPropertiesWrap
vDocumentDefaults

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RSrv
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MoDk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IiUjAp
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OaRtLe
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FGIB
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JGVDv
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FiyYSmH
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ole32

user32

kernel32

shell32

advapi32

shlwapi

dbghelp

printui

Sections

.text Size: 97KB - Virtual size: 97KB

.RSrv Size: 2KB - Virtual size: 1KB

.MoDk Size: 4KB - Virtual size: 4KB

.IiUjAp Size: 1024B - Virtual size: 929B

.data Size: 6KB - Virtual size: 173KB

.rdata Size: 129KB - Virtual size: 128KB

.OaRtLe Size: 1KB - Virtual size: 1KB

.FGIB Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.JGVDv Size: 5KB - Virtual size: 4KB

.FiyYSmH Size: 3KB - Virtual size: 2KB

.text
Size: 97KB - Virtual size: 97KB

.RSrv
Size: 2KB - Virtual size: 1KB

.MoDk
Size: 4KB - Virtual size: 4KB

.IiUjAp
Size: 1024B - Virtual size: 929B

.data
Size: 6KB - Virtual size: 173KB

.rdata
Size: 129KB - Virtual size: 128KB

.OaRtLe
Size: 1KB - Virtual size: 1KB

.FGIB
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.JGVDv
Size: 5KB - Virtual size: 4KB

.FiyYSmH
Size: 3KB - Virtual size: 2KB