e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684[.]exe

General

Target

e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe
Size

417KB
MD5

da191d01e0e5999de2040f53fab3cd21
SHA1

fc461cced0aaa6d0a033ed796df7a09f2ec188ac
SHA256

7d6c915a240ae9fe189d08bb385108470a01e474048ae1b9e124b011512f2032
SHA512

c3a7aa344d06df0ec8bf4010a95fa87db01e727958fe024300c0d3830113e2ebbd9610ee62ce8d5867e989d6d8ba8a4430710c32ddc75d4a3acd020914a3d881
SSDEEP

6144:8DLEaEmTKU8RW2HXHEHC1o+me80/ns1SYMyk91juJqVs9xqhJigJZbDaSEOD:W+FRW2XHEYmc/nySYa1KJq2xeiQBQY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume3/Users/User1/Desktop/LetsDefend/SOC104 - Malware Detected/e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe

Files

e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe
.zip

Password: S1P@ssw0rd
Device/HarddiskVolume3/Users/User1/Desktop/LetsDefend/SOC104 - Malware Detected/e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe
.exe windows:6 windows x86 arch:x86

Password: S1P@ssw0rd

1f97faaf5d0b752f37d1b1b225d14964

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetEnvironmentStringsW
CloseHandle
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcpyA
lstrcatA
GetProcAddress
VirtualAlloc
CreateThread
OutputDebugStringA
ExitProcess
CreateTimerQueueTimer
Sleep
ExitThread
EncodePointer
DecodePointer
RtlUnwind
GetCommandLineA
IsProcessorFeaturePresent
GetLastError
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapFree
HeapAlloc
RaiseException
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 361KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: S1P@ssw0rd

Password: S1P@ssw0rd

1f97faaf5d0b752f37d1b1b225d14964

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 361KB - Virtual size: 368KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 361KB - Virtual size: 368KB

.reloc
Size: 5KB - Virtual size: 4KB