newmodel[.]exe

Resubmissions

28/03/2024, 12:15

240328-pevt4shh97 3

28/03/2024, 09:53

240328-lw2r7shh4x 3

Sharing

Copy URL

Twitter E-mail

General

Target

newmodel.exe
Size

3.5MB
MD5

a211f1a367c232fffcc0e45928f8ff02
SHA1

ac7c8664ba1293c3f14c1107b568a1c8a51b111a
SHA256

8ced6a44b878e854d3d97a8b4438aadc9cf457a966d4229e3b577dd0724782e2
SHA512

25d4163acfe5535b5310b969734d1e0a51992a9276753209700aaf46a9417f57dff3f897564313fde355d02d8faded1550c5020564f5c1922179f6a1ecb1d998
SSDEEP

49152:wmE7ingepoCkugirqHkrw9YjaEodol7qdChCG3c5mw6QRTFh4RXQD:dFnndrKk89YjD7qQhCmP3QRBh4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
newmodel.exe

Files

newmodel.exe
.exe .pdf windows:6 windows x86 arch:x86 polyglot

e9e758772160bd1fab8d16089f2bb415

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\olivier.margerit\source\repos\NewModel\Release\NewModel.pdb

Imports

user32

DefWindowProcW
MessageBoxW
FillRect
CreateWindowExW
RegisterClassExW
LoadAcceleratorsW
LoadStringW
ShowWindow
DispatchMessageW
SetTimer
LoadBitmapW
TranslateAcceleratorW
TranslateMessage
LoadIconW
LoadCursorW
GetClientRect
KillTimer
PostQuitMessage
EndPaint
UpdateWindow
InvalidateRect
BeginPaint
GetMessageW

gdi32

DeleteObject
SetBkColor
GetObjectW
SetTextColor
TextOutW
DeleteDC
CreateFontW
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
BitBlt
CreateSolidBrush

vcruntime140

__current_exception_context
__current_exception
memset
_except_handler4_common

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_cexit
_controlfp_s
terminate
_exit
exit
_initterm_e
_c_exit
_crt_atexit
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_initterm
_set_app_type

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleW
GetStartupInfoW
UnhandledExceptionFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rodata
Size: 470KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e9e758772160bd1fab8d16089f2bb415

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

gdi32

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 512B - Virtual size: 504B

.rodata Size: 470KB - Virtual size: 472KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 512B - Virtual size: 504B

.rodata
Size: 470KB - Virtual size: 472KB