6286f436c7b9a47e85ad85b07886008bf313dddb44200cfbda5589ca33c00356N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6286f436c7b9a47e85ad85b07886008bf313dddb44200cfbda5589ca33c00356N.exe
Size

324KB
MD5

7391e01585ff0b2683bb6e06061ab2a0
SHA1

d1edb328954d3dae8834950218600f26468a99f4
SHA256

6286f436c7b9a47e85ad85b07886008bf313dddb44200cfbda5589ca33c00356
SHA512

98267cd8e75e067c61c8d7ff4948a3ffaf99ac5f5ff2b8d0cc997b4d1c20cde20860ce4bbd260a79771d8a356ec2a60d63db34025e2a90f3d8f47a338b3a3833
SSDEEP

6144:N+gqC4Wta3HEkrmC15wFeoxKhbgnKucl/r888888888888W88888888888I:krCHa33rreFebM2r888888888888W88Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6286f436c7b9a47e85ad85b07886008bf313dddb44200cfbda5589ca33c00356N.exe

Files

6286f436c7b9a47e85ad85b07886008bf313dddb44200cfbda5589ca33c00356N.exe
.exe windows:5 windows x86 arch:x86

2e55d30aa29ed8e4cf8430264ff6a171

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
SetLastError
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrcmpA
lstrcmpW
lstrlenW
LoadLibraryA
SetFilePointer
SetFileAttributesA
SetEvent
SetEndOfFile
RtlUnwind
ResetEvent
QueueUserWorkItem
QueryPerformanceCounter
OutputDebugStringW
OpenProcess
OpenFileMappingW
OpenFileMappingA
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalSize
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExA
LeaveCriticalSection
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalMemoryStatus
GlobalLock
GlobalHandle
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetVersionExW
GetVersionExA
GetVersion
GetTickCount
GetThreadPriority
Beep
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempPathA
GetSystemTime
GetSystemDirectoryW
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileTime
GetFileSizeEx
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
GetCommandLineW
GetCommandLineA
FreeResource
FreeLibrary
FormatMessageA
FlushInstructionCache
FindResourceW
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateRemoteThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateDirectoryA
CopyFileA
CloseHandle
VirtualFree

user32

SetWindowPos
SetWindowLongW
SetWindowLongA
SetTimer
SetRect
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetCapture
SetActiveWindow
SendMessageW
SendMessageTimeoutA
SendMessageA
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterHotKey
RegisterClipboardFormatW
RegisterClassA
RedrawWindow
PtInRect
PrivateExtractIconsW
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
MessageBoxW
MessageBoxA
MessageBeep
LockWindowUpdate
LoadImageA
LoadCursorW
KillTimer
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
InvalidateRect
SetWindowTextA
HideCaret
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetScrollInfo
GetScrollBarInfo
GetMessageW
GetMessageA
GetKeyState
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassNameW
GetClassNameA
GetCapture
FrameRect
FindWindowW
FillRect
EnumWindows
EnumChildWindows
EndPaint
EnableWindow
EmptyClipboard
DrawTextW
DrawTextA
DrawIconEx
DrawFrameControl
DrawFocusRect
DispatchMessageW
DestroyWindow
DefWindowProcW
DefWindowProcA
CreateWindowExW
CreateWindowExA
CloseClipboard
CallWindowProcW
BringWindowToTop
ShowCaret
ShowWindow
SystemParametersInfoW
TranslateMessage
UnregisterHotKey
WindowFromPoint
LoadIconA
LoadCursorA
InflateRect
AttachThreadInput
BeginPaint
GetWindowThreadProcessId

gdi32

GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsW
GetViewportOrgEx
IntersectClipRect
LineTo
MoveToEx
RealizePalette
ResizePalette
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetStretchBltMode
SetViewportOrgEx
StretchBlt
StretchDIBits
TextOutA
WidenPath
StrokePath
GetTextColor
FillPath
CancelDC
GetGraphicsMode
GetMapMode
GetBkColor
UnrealizeObject
CloseFigure
GetRgnBox
BeginPath
GetSystemPaletteUse
CloseMetaFile
GetPixelFormat
GetColorSpace
GetBkMode
GetPolyFillMode
DeleteColorSpace
GetEnhMetaFileA
FlattenPath
GetFontLanguageInfo
CreateMetaFileA
GetTextCharacterExtra
GetROP2
CloseEnhMetaFile
SetMetaRgn
GetStretchBltMode
GetDCPenColor
DeleteMetaFile
GetDCBrushColor
UpdateColors
DeleteEnhMetaFile
EndPath
PathToRegion
GetTextAlign
CreatePatternBrush
SwapBuffers
CreateMetaFileW
GetTextCharset
GetLayout
GetPaletteEntries
GetObjectType
GetObjectW
GetNearestPaletteIndex
GetDeviceCaps
GetDIBits
GetCurrentObject
GetClipBox
GdiFlush
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePalette
CreateHalftonePalette
BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontA
GetEnhMetaFileW
CreateFontW

comdlg32

GetSaveFileNameA
PrintDlgW

advapi32

RegEnumKeyA
FreeSid
SetSecurityDescriptorDacl
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
AllocateAndInitializeSid
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
GetUserNameW
GetUserNameA

shell32

SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExA
ShellExecuteW
ExtractIconW

ole32

CoCreateInstance
IsEqualGUID

comctl32

ImageList_Create
ord17

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e55d30aa29ed8e4cf8430264ff6a171

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 44KB - Virtual size: 44KB