Challenge_Benign_111fa24233d599320a2f4b162ce57faff78e340707c48a3bf28f2544eeeaff76[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Challenge_Benign_111fa24233d599320a2f4b162ce57faff78e340707c48a3bf28f2544eeeaff76.exe
Size

83KB
MD5

18634b0fa6ee23365bbe6a78139ec0c2
SHA1

a9008e0a25e776734a33dd55b876984e5e4dff7a
SHA256

3b2a762bf303bc9679f235bf0ca88d70ea24ae1a36d5d61d665d6dd8d45736e5
SHA512

742c99ea5e7dee78f133c149a6e481dd3f572b3272c18f1e6330ccb86880e48ceb0d3f814bfb3d7e9e7dbb887013b4622542ea0a2965c48aee5c6ed32cff9355
SSDEEP

1536:OaV0ssPONCLKpwXPVrM2SaoFr4un7RoPeA1q/TRRZppOzv6:dV0hPONCLKpcPVoBJFr4AR3A1ST3pOzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Challenge_Benign_111fa24233d599320a2f4b162ce57faff78e340707c48a3bf28f2544eeeaff76.exe

Files

Challenge_Benign_111fa24233d599320a2f4b162ce57faff78e340707c48a3bf28f2544eeeaff76.exe
.exe windows x86

20fd555a987b1a25347578578f249358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

nss3

PR_sscanf
PR_Free
PR_dtoa
PR_Assert
PR_Unlock
PR_AssertCurrentThreadOwnsLock
PR_WaitCondVar
PR_EnterMonitor
PR_SetCurrentThreadName
PR_Wait
PR_AssertCurrentThreadInMonitor
PR_FileDesc2NativeHandle
PR_IntervalNow
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CallOnce
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_Now
PR_NewThreadPrivateIndex
PR_GetCurrentThread
PR_Seek64
PR_ExitMonitor

xul

NS_NewNativeLocalFile
NS_UTF16ToCString
NS_CStringGetMutableData
NS_StringCopy
NS_StringSetDataRange
NS_StringGetMutableData
NS_StringGetData
NS_GetMemoryManager
?_external_GetObserverService@services@mozilla@@YG?AU?$already_AddRefed@VnsIObserverService@@@@XZ
NS_LogRelease
NS_LogAddRef
NS_LogDtor
NS_LogCtor
NS_GetComponentManager
NS_GetServiceManager
NS_CStringToUTF16
NS_CStringCopy
NS_CStringSetDataRange
NS_CStringSetData
NS_CStringCloneData
NS_CStringGetData
NS_CStringContainerInit
NS_StringContainerFinish
NS_StringContainerInit2
NS_StringContainerInit
NS_CStringContainerFinish
NS_CStringContainerInit2
NS_LogCOMPtrRelease
NS_LogCOMPtrAddRef
NS_DebugBreak

mozglue

malloc
realloc
moz_xrealloc
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
wcsdup
free
strdup
moz_xmalloc

kernel32

WideCharToMultiByte
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
MultiByteToWideChar
VerifyVersionInfoA
SetThreadPriority
GetCurrentThread
VerSetConditionMask
CloseHandle
OutputDebugStringA
IsDebuggerPresent
SetFilePointerEx
SetEndOfFile
ReadFile
CreateFileW
GetCurrentProcess
TerminateProcess

vcruntime140

memcpy
memset
_purecall
strchr
wcschr
memcmp
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__std_type_info_destroy_list
_except_handler4_common
memmove

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fflush
__stdio_common_vfprintf
__p__commode
fclose
fputs
__stdio_common_vsprintf
_dup
ftell
fseek
fread
_wfopen
__acrt_iob_func

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-math-l1-1-0

__setusermatherr
_except1
_fdopen

api-ms-win-crt-convert-l1-1-0

wcstol
strtol

api-ms-win-crt-string-l1-1-0

wcspbrk
strncpy
strpbrk
wcsncmp

api-ms-win-crt-runtime-l1-1-0

_crt_at_quick_exit
_seh_filter_dll
_controlfp_s
_seh_filter_exe
terminate
_initialize_onexit_table
_crt_atexit
_configure_narrow_argv
_set_app_type
_register_onexit_function
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_register_thread_local_exe_atexit_callback
__p___argc
__p___argv
_cexit
_execute_onexit_table
_c_exit

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20fd555a987b1a25347578578f249358

Headers

DLL Characteristics

File Characteristics

Imports

nss3

xul

mozglue

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 36B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 36B

.reloc
Size: 4KB - Virtual size: 4KB