local[.]exe | Triage

General

Target

local.exe
Size

88KB
MD5

6236b621195dba9c83305c61b9ad0c71
SHA1

4b80478091b204e76ecdfffa275637bb1b98d103
SHA256

9f8bc496368241979ad77d62928dbc00f2104467dc98a1baa84e1a71915bfa58
SHA512

a26271a1f8fbbe914d4ff93c67202f39ebe0723c4c3b3caa760b781f53a47d29e83989846f1a37cd4beca6bcca7c99c2c73dcd70ae66eddd7208f5072e269968
SSDEEP

768:vGJY2kHEYMMx0pLsT2quqfRkAkfmcN9mz+kOiprVH7MfgDT9G034v7yLVtKdrZU4:jvMMx0etvkfm49aOip1kgo034zRdt8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
local.exe

Files

local.exe
.exe windows:4 windows x86 arch:x86

993b27f3d24d69440d8c9819308a27b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetCPInfo
GetACP
LCMapStringA
CloseHandle
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
WriteFile
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
HeapValidate
LCMapStringW
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
IsBadReadPtr
HeapReAlloc
GetLastError
SetConsoleCtrlHandler
HeapFree
VirtualAlloc
HeapAlloc
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle

netapi32

NetApiBufferFree
NetLocalGroupGetMembers
NetGetDCName

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

993b27f3d24d69440d8c9819308a27b9

Headers

File Characteristics

Imports

kernel32

netapi32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 17KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 17KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB