Epathobj_Exploit[.]exe

General

Target

Epathobj_Exploit.exe
Size

48KB
MD5

a499ce6f490df5860f1803c435391669
SHA1

7bf65d30208458e641953fb0e74a1c20b736b822
SHA256

a3473a7740983cb18ec651e2e5087ef4c4034db442b3ee64c2ab8b17be2b8f97
SHA512

1995b4ce5cbaba7ad586bda42681f89bb8f1af0c12a1547f8b23dcac6e4022e002207dc89941647d332d1d5caaf68e7c1d46a71d277d61c7dbf6b52783b67182
SSDEEP

768:fSO+r+4h9dyIHxhEYP2uT+eiOSQ4RZ8Rdhdlb:6ZQ42M+K4RZglb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Epathobj_Exploit.exe

Files

Epathobj_Exploit.exe
.exe windows x86

04af692e42ce9a143d24da157388fede

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
CreateThread
CreateMutexA
VirtualAlloc
GetLastError
LoadLibraryA
VirtualQuery
GetProcAddress
GetModuleHandleA
FreeLibrary
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
CloseHandle
Sleep
GetVersionExA
GetCurrentThreadId
WaitForSingleObject
InitializeCriticalSection
InterlockedExchange
GetACP
GetCPInfo
GetCommandLineA
GetVersion
ExitProcess
FlushFileBuffers
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
SetStdHandle
SetFilePointer
HeapReAlloc
GetStringTypeW

user32

SetThreadDesktop
GetDC
ReleaseDC
CreateDesktopA

gdi32

CreateRoundRectRgn
BeginPath
PolyDraw
EndPath
DeleteObject
FlattenPath

netapi32

NetUserAdd
NetLocalGroupAddMembers

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04af692e42ce9a143d24da157388fede

Headers

File Characteristics

Imports

kernel32

user32

gdi32

netapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 265KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 265KB