3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52eN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52eN.exe
Size

671KB
MD5

8668a57c51d2cbd4489dc1ed14d213b0
SHA1

6b298e013db31bf2cc10992f4b49177f19c5f4af
SHA256

3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52e
SHA512

fbe9b69d110d923589068ee54f4a94d9e40cbce2ab6ff36482c19f59c0ac0f7cde11f28f5b171d6331ad7c02bd18971db1af1541fdd4cc85dd92013fef98c6a8
SSDEEP

12288:UYdfTGnYdfTGtsgqZXoYXMHGy1HxHFvja1E+YzVQ7aQEwhD94i:UYdbyYdb6u3XMHGy1JFvuYzPSei

Score

1^/10

Malware Config

Signatures

Files

3eab337341a660883dd9fbcc17905dfbc8e6f6ac4207c0c4fc466eafc039e52eN.exe
.exe windows:4 windows x86 arch:x86

056ae29c1bd943a3449fbffd9a647e34

Code Sign

63:77:fa:02:07:4e:6a:d5:f4:fd:59:ab:4a:3a:68:54:f4:b8:46:3b
Signer

Actual PE Digest

63:77:fa:02:07:4e:6a:d5:f4:fd:59:ab:4a:3a:68:54:f4:b8:46:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
GetLastError
GetModuleHandleA
MultiByteToWideChar
DeleteFileW
GetFileAttributesW
FindResourceW
OutputDebugStringA
GetModuleHandleW
LoadLibraryExW
LoadLibraryW
CreateMutexW
lstrcmpiW
CloseHandle
SizeofResource
LoadResource
Sleep
SystemTimeToFileTime
CreateFileA
GetDriveTypeA
GetModuleFileNameW
WaitForSingleObject
ReleaseMutex
DeleteCriticalSection
SetErrorMode
SetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcessId
GetCurrentProcess
OpenProcess
FlushInstructionCache
InitializeCriticalSection
GetFileSize
WriteFile
GetSystemTime
GetLocalTime
CreateFileW
FreeResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
lstrcpynW
GetVersionExA
GetLocaleInfoW
EnumSystemLanguageGroupsW
EnumLanguageGroupLocalesW
GetTickCount
GetVersionExW
SetThreadPriority
ResumeThread
GetSystemTimeAsFileTime
GetFileInformationByHandle
ReadFile
DeviceIoControl
SetEndOfFile
SetFilePointer
FindClose
ExpandEnvironmentStringsW
GetTempPathW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesExW
FindFirstFileW
FindNextFileW
CopyFileExW
MoveFileExW
GetLongPathNameW
GetExitCodeProcess
GetLogicalDrives
GetDriveTypeW
GetTempFileNameW
GetWindowsDirectoryW
GetDiskFreeSpaceExW
GetFullPathNameW
lstrcpyW
lstrcatW
GlobalMemoryStatusEx
FormatMessageW
WideCharToMultiByte
GetNumberFormatW
lstrlenA
GetTimeZoneInformation
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetFileType
QueryPerformanceCounter
GlobalMemoryStatus
GetSystemDirectoryA
GetDateFormatA
FlushConsoleInputBuffer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
TerminateProcess
CreateProcessW
CopyFileW
VirtualQuery
SetUnhandledExceptionFilter
GetCurrentThread
CreateEventW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GlobalReAlloc
CompareStringW
HeapAlloc
HeapFree
GetProcessHeap
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
DecodePointer
HeapReAlloc
RtlUnwind
EncodePointer
IsDebuggerPresent
GetCommandLineW
CreateThread
ExitThread
SetStdHandle
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapSize
UnhandledExceptionFilter
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
ReadConsoleW
SetFilePointerEx
GetConsoleCP
FileTimeToLocalFileTime
FindFirstFileExW
FileTimeToSystemTime
FlushFileBuffers
OutputDebugStringW
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
PeekNamedPipe
LocalFree
LocalAlloc
GetVersion
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetVolumeInformationW
LeaveCriticalSection
EnterCriticalSection
GetExitCodeThread
InterlockedDecrement
InterlockedIncrement
lstrlenW

user32

LoadIconA
LoadCursorFromFileA
GetMenuContextHelpId

gdi32

GetStockObject
GetEnhMetaFileA
GetEnhMetaFileBits

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

r421
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatax5
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatax3
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatax2
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatax
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g2
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r4227
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

r4226
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

r4225
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

r4224
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

r4223
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

r422
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

056ae29c1bd943a3449fbffd9a647e34

Code Sign

63:77:fa:02:07:4e:6a:d5:f4:fd:59:ab:4a:3a:68:54:f4:b8:46:3bSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 24KB - Virtual size: 24KB

r421 Size: 512B - Virtual size: 1B

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 6KB - Virtual size: 6KB

.rdatax5 Size: 512B - Virtual size: 1B

.rdatax3 Size: 512B - Virtual size: 1B

.rdatax2 Size: 512B - Virtual size: 1B

.rdatax Size: 512B - Virtual size: 1B

g2 Size: 512B - Virtual size: 1B

g Size: 351KB - Virtual size: 350KB

r4227 Size: 512B - Virtual size: 1B

r4226 Size: 512B - Virtual size: 1B

r4225 Size: 512B - Virtual size: 1B

r4224 Size: 512B - Virtual size: 1B

r4223 Size: 512B - Virtual size: 1B

r422 Size: 512B - Virtual size: 1B

.rsrc Size: 85KB - Virtual size: 84KB

63:77:fa:02:07:4e:6a:d5:f4:fd:59:ab:4a:3a:68:54:f4:b8:46:3b
Signer

.text
Size: 24KB - Virtual size: 24KB

r421
Size: 512B - Virtual size: 1B

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 6KB - Virtual size: 6KB

.rdatax5
Size: 512B - Virtual size: 1B

.rdatax3
Size: 512B - Virtual size: 1B

.rdatax2
Size: 512B - Virtual size: 1B

.rdatax
Size: 512B - Virtual size: 1B

g2
Size: 512B - Virtual size: 1B

g
Size: 351KB - Virtual size: 350KB

r4227
Size: 512B - Virtual size: 1B

r4226
Size: 512B - Virtual size: 1B

r4225
Size: 512B - Virtual size: 1B

r4224
Size: 512B - Virtual size: 1B

r4223
Size: 512B - Virtual size: 1B

r422
Size: 512B - Virtual size: 1B

.rsrc
Size: 85KB - Virtual size: 84KB