b2d811aca4583900557c6467212d0dc35680ed1707530ce41bb616f08adabe99N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b2d811aca4583900557c6467212d0dc35680ed1707530ce41bb616f08adabe99N.exe
Size

227KB
MD5

e755bd05c333b8773444f81cab0925f0
SHA1

0ba8fc9877b55a340963ebd69d9a05b5e6178a04
SHA256

b2d811aca4583900557c6467212d0dc35680ed1707530ce41bb616f08adabe99
SHA512

2f083dae13a74ef331734260f48cd08ccec203f5653fcdd50ba9c9ec58588bc170518c25e3bcfd1b9395ffa06e296f47f78a5fce0dde55433f2f1b7319725518
SSDEEP

6144:4rx9HGCenzAjjHlEJyWYg1vvIAJVRqR70v6860Y:47HgIuYg1rvRF6X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2d811aca4583900557c6467212d0dc35680ed1707530ce41bb616f08adabe99N.exe

Files

b2d811aca4583900557c6467212d0dc35680ed1707530ce41bb616f08adabe99N.exe
.exe windows:4 windows x86 arch:x86

301acaa9297e042e49f1583df2aac621

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GetUserDefaultLangID
CreateSemaphoreA
OpenMutexW
CreateThread
GetShortPathNameA
MoveFileA
CreatePipe
GetEnvironmentVariableW
GetAtomNameA
CreateMailslotW
BeginUpdateResourceW
CreateNamedPipeA
CompareFileTime
GetSystemTime
GetEnvironmentStringsW
RemoveDirectoryW
GetCalendarInfoW
WinExec
DisconnectNamedPipe
GetNumberFormatW
SetEvent
GetAtomNameW
GetLogicalDrives
GetCPInfo
CreateEventA
LoadLibraryA
GetSystemInfo
GetTempPathW
IsValidCodePage
SetPriorityClass
EnumDateFormatsA
FindResourceW
OpenSemaphoreW
EndUpdateResourceA
lstrcpy
GetTimeFormatW
ReadDirectoryChangesW
SetErrorMode
GlobalGetAtomNameW
OpenEventA
CreateDirectoryW
lstrcmpi
GetVersionExA
GetCommandLineA
RaiseException
GetProcAddress
GetFileTime
SearchPathA
SetCalendarInfoW
OpenProcess
GetOEMCP
EndUpdateResourceW

user32

DestroyIcon
GetSysColorBrush
EnumClipboardFormats
SetWindowTextW
LoadCursorA
SetTimer
DestroyWindow
PostQuitMessage
EmptyClipboard
SetWindowRgn
GetClassInfoW
GetClassNameW
ReleaseDC
WaitForInputIdle
LoadBitmapW
LoadIconW
CreateAcceleratorTableA
CreateDialogIndirectParamW
MessageBoxIndirectA
DialogBoxIndirectParamA
GetIconInfo
GetDC
CreateWindowExW
MonitorFromRect
CreateCaret
IsMenu

gdi32

PaintRgn
SetPixel
DeleteDC
GetMetaFileA
SetDIBColorTable
SetDeviceGammaRamp
SetViewportOrgEx
GetCharWidth32W
SetTextAlign
UnrealizeObject
CreateICW
PolyDraw
CreateFontA
LPtoDP
RemoveFontResourceExW
SetColorAdjustment

advapi32

RegSaveKeyA
RegOpenKeyW
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegDeleteValueW
RegQueryValueA

shell32

SHGetFileInfoA
SHGetDataFromIDListA

shlwapi

StrRStrIA
PathSearchAndQualifyW
PathIsNetworkPathW
PathBuildRootW
StrStrIW
UrlUnescapeA
IntlStrEqWorkerW
StrToIntA
SHRegSetUSValueA
PathIsURLA
StrChrA
PathMakeSystemFolderA
PathGetCharTypeA
UrlGetLocationA
PathStripPathW
SHDeleteKeyA
SHDeleteKeyW

opengl32

glMap1d
glViewport
wglSwapMultipleBuffers
glAlphaFunc
glVertex3dv
GlmfEndPlayback
glFinish

urlmon

GetMarkOfTheWeb
SetSoftwareUpdateAdvertisementState
AsyncInstallDistributionUnit
CreateAsyncBindCtxEx
RegisterMediaTypeClass
FindMimeFromData
CoGetClassObjectFromURL

sqlunirl

_ChooseFont_@4
_NDdeTrustedShareEnum_@24
_CreateEvent_@16
_MapVirtualKey_@8
ConvertMultiSZNameToW
_CreateAcceleratorTable_@8
_FindResourceEx_@16
_ObjectOpenAuditAlarm_@48
_GetUserObjectInformation_@20
_DrawState_@40
_GlobalAddAtom_@4
_SendMessage@16
_CharPrev_@8
_GetWindowsDirectory_@8
newWideCharFromMultiByte
_CreateMailslot_@16
_CopyAcceleratorTable_@12
_GetSaveFileName@4
_LookupPrivilegeDisplayName_@20
_GetPrivateProfileSectionNames_@12
_IsDialogMessage@8
_GetBinaryType_@8
_CreateDesktop_@24

crypt32

CertSerializeCertificateStoreElement
CryptMsgGetAndVerifySigner
RegOpenHKCUKeyExU
CryptVerifyMessageHash
CryptVerifySignatureU
CertVerifyCRLRevocation
CertUnregisterPhysicalStore
CertGetIntendedKeyUsage
CryptSignAndEncodeCertificate
I_CertUpdateStore

Sections

.MMzeu
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YlZ
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ao
Size: 4KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ls
Size: 5KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zvNLW
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.F
Size: 4KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.soXfM
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PGXCF
Size: 5KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XWMJVR
Size: 5KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

301acaa9297e042e49f1583df2aac621

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

opengl32

urlmon

sqlunirl

crypt32

Sections

.MMzeu Size: 6KB - Virtual size: 6KB

.YlZ Size: 512B - Virtual size: 92KB

.Ao Size: 4KB - Virtual size: 282KB

.ls Size: 5KB - Virtual size: 404KB

.zvNLW Size: 9KB - Virtual size: 8KB

.F Size: 4KB - Virtual size: 223KB

.soXfM Size: 5KB - Virtual size: 17KB

.PGXCF Size: 5KB - Virtual size: 416KB

.XWMJVR Size: 5KB - Virtual size: 182KB

.data Size: 98KB - Virtual size: 113KB

.rsrc Size: 82KB - Virtual size: 82KB

.reloc Size: 1024B - Virtual size: 692B

.MMzeu
Size: 6KB - Virtual size: 6KB

.YlZ
Size: 512B - Virtual size: 92KB

.Ao
Size: 4KB - Virtual size: 282KB

.ls
Size: 5KB - Virtual size: 404KB

.zvNLW
Size: 9KB - Virtual size: 8KB

.F
Size: 4KB - Virtual size: 223KB

.soXfM
Size: 5KB - Virtual size: 17KB

.PGXCF
Size: 5KB - Virtual size: 416KB

.XWMJVR
Size: 5KB - Virtual size: 182KB

.data
Size: 98KB - Virtual size: 113KB

.rsrc
Size: 82KB - Virtual size: 82KB

.reloc
Size: 1024B - Virtual size: 692B