Challenge_Benign_0b5f95269f7c333807d2a6ffe782d71f4541410bee2e7a33cdfb2832eb68412d[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Challenge_Benign_0b5f95269f7c333807d2a6ffe782d71f4541410bee2e7a33cdfb2832eb68412d.exe
Size

82KB
MD5

4c151cde7fe121728a3bf1debb5d0d77
SHA1

c97eb98d4adb31158870f60fc06bc8371802c1bb
SHA256

d920665a48affaefd19fbbacf1be784f6acd17df4484c05f52af2434ffaa0f96
SHA512

b650cca84dac884f15122cfc2d9bb89cab48b1a5f94d4b3ce861ea299f883089b312db35e30b01cbd60d9c883567162e07c249d60cdf138dc4cd5258f299b4ed
SSDEEP

1536:mPnevjJzT7fQn3K8B/tH1NOCF59esCF0+u9RvIxCRmuoD5KUC5Hqj1:0ev9TsF1H19F59esC/xB5CMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Challenge_Benign_0b5f95269f7c333807d2a6ffe782d71f4541410bee2e7a33cdfb2832eb68412d.exe

Files

Challenge_Benign_0b5f95269f7c333807d2a6ffe782d71f4541410bee2e7a33cdfb2832eb68412d.exe
.exe windows x86

33c96e5c317f485c24238cfa6c1e9503

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

nss3

PR_NewLock
PR_EnterMonitor
PR_GetThreadPrivate
PR_WaitCondVar
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_ExitMonitor
PR_Wait
PR_DestroyLock
PR_Lock
PR_AssertCurrentThreadInMonitor
PR_Unlock
PR_AssertCurrentThreadOwnsLock
PL_strcmp
PR_Seek64
PR_Now
PR_Free
PR_dtoa
PR_Assert
PR_FileDesc2NativeHandle
PR_SetCurrentThreadName
PR_GetCurrentThread
PR_sscanf
PR_IntervalNow
PR_CallOnce

xul

?_external_GetObserverService@services@mozilla@@YG?AU?$already_AddRefed@VnsIObserverService@@@@XZ
NS_LogDtor
NS_LogCtor
NS_GetComponentManager
NS_GetServiceManager
NS_UTF16ToCString
NS_CStringToUTF16
NS_CStringCopy
NS_CStringSetDataRange
NS_CStringSetData
NS_CStringCloneData
NS_CStringGetMutableData
NS_CStringGetData
NS_CStringContainerFinish
NS_CStringContainerInit2
NS_CStringContainerInit
NS_StringCopy
NS_StringSetDataRange
NS_StringGetMutableData
NS_StringGetData
NS_StringContainerFinish
NS_StringContainerInit2
NS_StringContainerInit
NS_LogCOMPtrRelease
NS_LogCOMPtrAddRef
NS_LogRelease
NS_LogAddRef
NS_DebugBreak
NS_GetMemoryManager

mozglue

moz_xmalloc
wcsdup
realloc
free
strdup
moz_xrealloc
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
malloc

kernel32

CloseHandle
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
OutputDebugStringA
IsDebuggerPresent
SetFilePointerEx
SetEndOfFile
ReadFile
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoA
SetThreadPriority
GetCurrentThread
VerSetConditionMask
GetCurrentProcess
TerminateProcess

vcruntime140

memmove
strchr
wcschr
memcmp
memcpy
memset
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__std_type_info_destroy_list
_except_handler4_common
_purecall

api-ms-win-crt-stdio-l1-1-0

fread
__p__commode
_dup
fputs
__stdio_common_vsprintf
ftell
fseek
fflush
fclose
_wfopen
__stdio_common_vfprintf
__acrt_iob_func
_set_fmode

api-ms-win-crt-convert-l1-1-0

wcstol
strtol

api-ms-win-crt-string-l1-1-0

strpbrk
strncpy
wcspbrk
wcsncmp

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-math-l1-1-0

_fdopen
_except1
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_onexit_table
_seh_filter_dll
_crt_atexit
_set_app_type
_crt_at_quick_exit
_seh_filter_exe
_controlfp_s
_initialize_narrow_environment
terminate
_register_onexit_function
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
__p___argc
__p___argv
_cexit
_c_exit
_execute_onexit_table
_register_thread_local_exe_atexit_callback

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33c96e5c317f485c24238cfa6c1e9503

Headers

DLL Characteristics

File Characteristics

Imports

nss3

xul

mozglue

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 36B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 36B

.reloc
Size: 4KB - Virtual size: 4KB