Static task
static1
General
Target: malware_mock_sample2.exe
Size: 577KB
MD5: 418df4baab72fdec825c7a8eb900f038
SHA1: ef98ec1c736494b29960ed06228a74157b718199
SHA256: bd3cb9af2d60dee1db0489faf8a7e4bec8a5be8194e53e79371b110440317cac
SHA512: 3892cd1730a729c58e77e5c4feff78fa52bdad27c8a3a1550a5aa534ed053987ebd858c76f058a811afa36f042ec4bb21a545ffa2e5fbe9ef1e5ec89c3134d58
SSDEEP: 12288:ZklT6YAksfaznwkZJsArx38G7PzHk86GCQw:Z8YksfAZeArqGbr6J
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource malware_mock_sample2.exe
Files
malware_mock_sample2.exe.exe windows:5 windows x86 arch:x86
79a39819aff4ad4e946c152b87e0d79a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempFileNameW
GetNativeSystemInfo
GetModuleHandleExA
SetEndOfFile
MapUserPhysicalPages
SystemTimeToTzSpecificLocalTime
HeapAlloc
InterlockedIncrement
MapViewOfFileEx
MoveFileExW
GetModuleHandleW
GenerateConsoleCtrlEvent
ActivateActCtx
SizeofResource
ReadConsoleOutputW
HeapCreate
Beep
SetTimeZoneInformation
GetCompressedFileSizeA
CompareStringW
ExitThread
FindNextVolumeMountPointW
GlobalUnfix
GetLastError
IsDBCSLeadByteEx
ChangeTimerQueueTimer
GetProcAddress
HeapSize
GetConsoleDisplayMode
OpenWaitableTimerA
GetAtomNameA
AddVectoredExceptionHandler
SetConsoleCursorInfo
GetModuleHandleA
lstrcatW
EraseTape
LCMapStringW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
EncodePointer
GetModuleFileNameW
HeapValidate
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WriteFile
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
GetModuleFileNameA
HeapReAlloc
HeapQueryInformation
HeapFree
RtlUnwind
MultiByteToWideChar
SetStdHandle
GetStringTypeW
IsProcessorFeaturePresent
FlushFileBuffers
ReadFile
CreateFileW
CloseHandle
RaiseException
Sections
.text Size: 429KB - Virtual size: 429KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 38.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ