10249c5098fc904195cc93885fd69c523b1b8c05159f95018e2e1a23c06ca8b1N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

10249c5098fc904195cc93885fd69c523b1b8c05159f95018e2e1a23c06ca8b1N.exe
Size

550KB
MD5

1ac6567d7ffb565fe0564093d5edbf00
SHA1

4a29a6c735a40b6662a3fbf7c50c9fdadc68e141
SHA256

10249c5098fc904195cc93885fd69c523b1b8c05159f95018e2e1a23c06ca8b1
SHA512

c47ed1d72d673ad2c3c0e5454a878480d158760b281413a618eb7dc8a76ae33325703acf38e342c07923625be6b493b3ba75fb10c4d4431c2dd09b58df924222
SSDEEP

6144:+VfptYpsqBfiuMFbkLbf+76uWx3YTGUpa7WC34QKQt9mmg3VB0qg8:usiLu6P7Q3sGUvQK2gdby8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10249c5098fc904195cc93885fd69c523b1b8c05159f95018e2e1a23c06ca8b1N.exe

Files

10249c5098fc904195cc93885fd69c523b1b8c05159f95018e2e1a23c06ca8b1N.exe
.exe windows:5 windows x86 arch:x86

5f78ebbcd1552b6c6f9de5f5a9ce6ffa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsDebuggerPresent
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFlags
LocalFree
LockResource
MapViewOfFile
Module32First
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenEventW
OpenFile
OpenWaitableTimerA
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueueUserAPC
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RemoveDirectoryA
ResumeThread
RtlUnwind
SetComputerNameExW
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
InterlockedCompareExchange
SetFileApisToOEM
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SwitchToThread
SystemTimeToFileTime
TerminateProcess
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualFreeEx
VirtualLock
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WriteProfileStringA
_lopen
_lread
_lwrite
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
GetDriveTypeW
GetFileAttributesW
HeapSize
HeapReAlloc
HeapLock
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalFree
BackupSeek
GlobalFlags
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetThreadSelectorEntry
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetShortPathNameW
GetShortPathNameA
GetProfileStringA
GetProfileIntA
GetProcessPriorityBoost
GetProcessAffinityMask
GetProcAddress
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileType
GetFileSize
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeA
GetDiskFreeSpaceExW
GetDiskFreeSpaceA
GetDefaultCommConfigW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleScreenBufferInfo
GetConsoleMode
GetConsoleAliasA
GetComputerNameExW
GetComputerNameExA
GetCommandLineA
GetCalendarInfoW
GetCPInfo
GetBinaryTypeA
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumResourceNamesW
EnumResourceLanguagesA
EnumCalendarInfoExA
DeleteFileA
DebugBreak
CreateThread
CreateProcessA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringW
CompareStringA
CloseHandle
CancelIo
SetEvent

user32

ReleaseCapture
RegisterWindowMessageA
RegisterClassA
PtInRect
PostMessageA
PeekMessageA
OffsetRect
OemToCharA
MsgWaitForMultipleObjects
MoveWindow
MessageBoxA
MessageBeep
MapWindowPoints
LoadStringA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsWindowEnabled
IsDlgButtonChecked
IsDialogMessageA
InternalGetWindowText
IMPQueryIMEW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetTabbedTextExtentW
GetSysColor
GetQueueStatus
ReleaseDC
GetParent
GetMessageA
GetFocus
GetDlgItem
GetDC
GetClientRect
GetClassNameA
GetClassInfoExA
FindWindowA
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndDialog
EnableWindow
DragObject
DispatchMessageA
DestroyWindow
DefWindowProcA
DefMDIChildProcW
DdeAbandonTransaction
CreateWindowExA
CreateDialogParamA
CheckRadioButton
CheckDlgButton
CharToOemA
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
SetCapture
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetPropA
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
CharLowerA
CharNextA
CharPrevA
LoadIconW
DestroyIcon
GetPropA
DialogBoxParamA

gdi32

ExtSelectClipRgn
FrameRgn
GdiDeleteSpoolFileHandle
GdiEntry2
GdiFullscreenControl
GdiGetBatchLimit
GdiIsPlayMetafileDC
GdiQueryFonts
GetBrushOrgEx
GetCharWidthW
GetCharacterPlacementW
GetColorSpace
GetDeviceCaps
GetEnhMetaFileA
GetEnhMetaFilePaletteEntries
GetFontLanguageInfo
GetGlyphIndicesW
GetMapMode
GetObjectA
GetPath
GetPixel
GetRasterizerCaps
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
AddFontResourceA
GetTextFaceA
GetTextMetricsA
GetTransform
InvertRgn
MaskBlt
PATHOBJ_bEnum
PolyDraw
PtInRegion
Rectangle
RemoveFontResourceA
STROBJ_bEnum
SelectClipRgn
SelectObject
SetBitmapDimensionEx
SetBkColor
SetBkMode
SetGraphicsMode
SetICMProfileA
SetMapMode
SetRectRgn
SetTextAlign
SetTextColor
SetViewportOrgEx
StartPage
TextOutA
ArcTo
CLIPOBJ_bEnum
BitBlt
CopyEnhMetaFileA
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreatePen
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
EndDoc
EngAcquireSemaphore
EngDeletePalette
EngDeleteSemaphore
EngMarkBandingSurface
EngStretchBltROP
EnumFontFamiliesExA
EnumFontFamiliesExW
ExcludeClipRect
ExtEscape
GetTextExtentPointA
ExtFloodFill

comdlg32

CommDlgExtendedError
GetOpenFileNameA

advapi32

RegQueryValueExW
SetSecurityDescriptorDacl
RegSetValueExA
RegSetValueA
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
IsValidSecurityDescriptor
InitializeSecurityDescriptor
AdjustTokenPrivileges
RegOpenKeyW

shell32

SHFileOperation
ShellExecuteExA
ShellExecuteA
CheckEscapesW
DragFinish
DragQueryFileAorW
ExtractAssociatedIconW
SHChangeNotify
SHCreateProcessAsUserW
Shell_NotifyIconA
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetSettings
SHInvokePrinterCommandA

ole32

OleSetAutoConvert
OleUninitialize
StringFromCLSID
OleInitialize
OleGetAutoConvert
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleRegGetUserType

shlwapi

StrRChrA
StrChrW
StrCmpNIA

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f78ebbcd1552b6c6f9de5f5a9ce6ffa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

imm32

Sections

.text Size: 435KB - Virtual size: 435KB

.rdata Size: 109KB - Virtual size: 109KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 736B

.text
Size: 435KB - Virtual size: 435KB

.rdata
Size: 109KB - Virtual size: 109KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 736B