easy_Malicious_2bf82311960771b8fe98866e25e8b45d9559f852bff313b5f78a02c0b971a4f8[.]exe

General

Target

easy_Malicious_2bf82311960771b8fe98866e25e8b45d9559f852bff313b5f78a02c0b971a4f8.exe
Size

32KB
MD5

78e4a1dcf295e4c9a9b0d5352e76c37d
SHA1

b591df37f36cf29b2e9168c001140344b2abd158
SHA256

07d6b1b8db3b7b3878b3b016c57ea7ea6ea0dee44100f1a547713075434f2922
SHA512

17df785e8d51c4e6b5b8c3c31764f1add4fa3284438abe92aa39422f77ee12d4c13b5fb41a65a4074d2852f65497173725944683bc2c3a97eb3c0bb664212c20
SSDEEP

384:f98xUHQU2iJoY0by4/q8zLeiTertpIjSVTiaPluy3XQfNjir5f:WwFmBqopsYfeH2Njir5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Malicious_2bf82311960771b8fe98866e25e8b45d9559f852bff313b5f78a02c0b971a4f8.exe

Files

easy_Malicious_2bf82311960771b8fe98866e25e8b45d9559f852bff313b5f78a02c0b971a4f8.exe
.exe windows x86

bef229bd8a414afbbd1edba1aeb00206

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
CreateFileA
CopyFileA
MoveFileExA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
LockResource
LoadResource
SizeofResource
FindResourceA
GetLastError
lstrcpyA
LeaveCriticalSection
GetProcAddress
ExitProcess
EnterCriticalSection
VirtualProtect
InitializeCriticalSection
GetModuleHandleA
MoveFileA
DeleteFileA
lstrcmpiA
GetLongPathNameA
ExpandEnvironmentStringsA
GetTickCount
lstrlenA
OutputDebugStringA
TerminateProcess
VirtualAllocEx
HeapFree
VirtualAlloc
Sleep
WinExec
SetFilePointer
WriteFile
CloseHandle
BeginUpdateResourceA
UpdateResourceA
lstrcatA
EndUpdateResourceA

user32

wsprintfA
MessageBeep
MessageBoxA

advapi32

CryptAcquireContextA
CryptReleaseContext
CloseServiceHandle
EnumServicesStatusA
OpenSCManagerA
CryptGenRandom

shlwapi

PathRemoveFileSpecA
StrChrA

Exports

Exports

szFile

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bef229bd8a414afbbd1edba1aeb00206

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 11KB