3da2c1e161da9d036bd4987f77b617434fad50a5e1f69fbd89da839468115cd7N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3da2c1e161da9d036bd4987f77b617434fad50a5e1f69fbd89da839468115cd7N.exe
Size

547KB
MD5

a6c529a38efca7cbadddb13f1bfbeca0
SHA1

cba60d1521f3863b2a85948b8050f3303b51a886
SHA256

3da2c1e161da9d036bd4987f77b617434fad50a5e1f69fbd89da839468115cd7
SHA512

483c71a3d769b9e610502ff9a58809c2ae7a12d73d036d4296a1d5f724391d51c7bd0a9ba67c466546244c101e3931aa8359f198bf207c5042d2c997ac6ceb72
SSDEEP

6144:OI/nB/9B0JQjRIntsEt45OvoU4Djn+sSAdfTmFdSm4FI/nNYV03S8ytG5dHL+SNh:O6vWJEut/oUaLd7lFI/nHDXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da2c1e161da9d036bd4987f77b617434fad50a5e1f69fbd89da839468115cd7N.exe

Files

3da2c1e161da9d036bd4987f77b617434fad50a5e1f69fbd89da839468115cd7N.exe
.dll windows:6 windows x86 arch:x86

73b26bbc180ebcc2612d1a8830822aff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

usp10.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
_iob
isleadbyte
memcpy
memset
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_errno
memmove
_vsnprintf

kernel32

IsValidLocale
GetLocaleInfoW
GetACP
GetProcAddress
GetLastError
InterlockedIncrement
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetProfileIntA
GetProfileStringA
lstrcmpiA
CreateFileA
ReadFile
CloseHandle
LoadLibraryA
InitializeCriticalSection
GetUserDefaultLCID
GetVersionExA
HeapCreate
DeleteCriticalSection
HeapDestroy
DisableThreadLibraryCalls
HeapAlloc
InterlockedExchange
HeapFree
IsDBCSLeadByte
FindResourceA
LoadResource
LockResource
Sleep
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
ConvertDefaultLocale

user32

GetSystemMetrics
CharUpperW
GetDC
GetSysColor
SetRect
ReleaseDC

gdi32

GetTextExtentExPointW
GetTextExtentExPointA
GetObjectW
Ellipse
CreateSolidBrush
LineTo
CreatePen
GetStockObject
GetTextColor
DeleteDC
SetGraphicsMode
GetGraphicsMode
CreateCompatibleDC
MoveToEx
SetBkMode
GetObjectType
ExtTextOutA
GetBkMode
ExtTextOutW
GetTextMetricsW
CreateFontA
CreateFontIndirectW
TranslateCharsetInfo
GetFontData
GetCharWidthA
DPtoLP
GetGlyphOutlineA
GetTextCharset
GetDeviceCaps
GetTextFaceA
GetOutlineTextMetricsA
GetTextFaceW
GetOutlineTextMetricsW
GetTextMetricsA
SelectObject
CreateFontIndirectA
GetObjectA
GetCurrentObject
GetViewportExtEx
GetWindowExtEx
EnumFontFamiliesExW
SetTextAlign
SetTextColor
SetBkColor
GetTextAlign
GetCurrentPositionEx
DeleteObject

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Exports

Exports

LpkPresent
ScriptApplyDigitSubstitution
ScriptApplyLogicalWidth
ScriptBreak
ScriptCPtoX
ScriptCacheGetHeight
ScriptFreeCache
ScriptGetCMap
ScriptGetFontAlternateGlyphs
ScriptGetFontFeatureTags
ScriptGetFontLanguageTags
ScriptGetFontProperties
ScriptGetFontScriptTags
ScriptGetGlyphABCWidth
ScriptGetLogicalWidths
ScriptGetProperties
ScriptIsComplex
ScriptItemize
ScriptItemizeOpenType
ScriptJustify
ScriptLayout
ScriptPlace
ScriptPlaceOpenType
ScriptPositionSingleGlyph
ScriptRecordDigitSubstitution
ScriptShape
ScriptShapeOpenType
ScriptStringAnalyse
ScriptStringCPtoX
ScriptStringFree
ScriptStringGetLogicalWidths
ScriptStringGetOrder
ScriptStringOut
ScriptStringValidate
ScriptStringXtoCP
ScriptString_pLogAttr
ScriptString_pSize
ScriptString_pcOutChars
ScriptSubstituteSingleGlyph
ScriptTextOut
ScriptXtoCP
UspAllocCache
UspAllocTemp
UspFreeMem

Sections

.text
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73b26bbc180ebcc2612d1a8830822aff

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 343KB - Virtual size: 342KB

.data Size: 62KB - Virtual size: 61KB

Shared Size: 7KB - Virtual size: 7KB

.rsrc Size: 71KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 6KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 343KB - Virtual size: 342KB

.data
Size: 62KB - Virtual size: 61KB

Shared
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 71KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 6KB

.rmnet
Size: 56KB - Virtual size: 60KB