cbae34de0fecb3420eb88ca7a9ce2ae3ce642b19c6b36c5492a252fdaa07eb84N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

cbae34de0fecb3420eb88ca7a9ce2ae3ce642b19c6b36c5492a252fdaa07eb84N.exe
Size

513KB
MD5

04a664059340f543c385a4de602c3960
SHA1

3975fc2d61963d79d01b4f4371ac193220d272c5
SHA256

cbae34de0fecb3420eb88ca7a9ce2ae3ce642b19c6b36c5492a252fdaa07eb84
SHA512

027e23881fb2b7270ce60b369f7399176ce96a2a33f0396fd2b5e2a229d4ebb95b0f46343b07cb56986ef115d4ec97c9c3a52dc8757dfd26dec8dd42c7a166c0
SSDEEP

6144:JcpVgme/jCaRnuFuwGDh9v7D87ICjC0YUaneD:iVgmertRuzonhCjC0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbae34de0fecb3420eb88ca7a9ce2ae3ce642b19c6b36c5492a252fdaa07eb84N.exe

Files

cbae34de0fecb3420eb88ca7a9ce2ae3ce642b19c6b36c5492a252fdaa07eb84N.exe
.dll regsvr32 windows:4 windows x86 arch:x86

04de9dfb3a9fb00e41247636d7b6df66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
LoadResource
LockResource
FreeResource
SizeofResource
lstrlenA
MultiByteToWideChar
LocalFree
FormatMessageA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
GetSystemInfo
VirtualFree
VirtualQuery
FreeLibrary
LoadLibraryA
GetProcAddress
CloseHandle
GetLastError
CreateFileA
GetVersion
RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
EnterCriticalSection
GetModuleFileNameA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
IsBadWritePtr
GetStringTypeA
GetStringTypeW
ReadFile
SetFilePointer
HeapSize
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
lstrcpyA
lstrcatA
LeaveCriticalSection
DisableThreadLibraryCalls

user32

EmptyClipboard
CloseClipboard
SetClipboardData
GetDesktopWindow
GetDC
ReleaseDC
MessageBoxA
GetSysColor
GetSystemMetrics
OpenClipboard

gdi32

GetObjectA
RealizePalette
GetStockObject
SelectPalette
DeleteObject
DeleteDC
SetDIBitsToDevice
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA

oleaut32

SysFreeString
SysStringLen
SysAllocString
VariantClear
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04de9dfb3a9fb00e41247636d7b6df66

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 213KB - Virtual size: 212KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 53KB - Virtual size: 63KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 48KB - Virtual size: 48KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 213KB - Virtual size: 212KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 53KB - Virtual size: 63KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 48KB - Virtual size: 48KB

.rmnet
Size: 56KB - Virtual size: 60KB