0f8e95a2c0575292fe6b8151428013f85b645f315e2d67a927a4b0c6d26af3c9[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0f8e95a2c0575292fe6b8151428013f85b645f315e2d67a927a4b0c6d26af3c9.exe
Size

2.9MB
MD5

2ab36b7875f2b5a876377164b3b609f2
SHA1

0d022cf7d49015fc97c576d89a710e5aeabaeaff
SHA256

0f8e95a2c0575292fe6b8151428013f85b645f315e2d67a927a4b0c6d26af3c9
SHA512

e62f221b3e3a7d2d14e56519ca46e69af3c2570d8d2d9cc382c9778fe37a75567b3af311074ed1709a0385d9bd38e11dd2ed8dbd1b30427b53d56266fe486238
SSDEEP

49152:ueG4DbBlHFAYl0R2fvjnZ1tmr5BOFGdoYNStv4Qr/0O0NAfT6ZI5I7+SPqKSM1x4:ueGUGAfT1e+hKhDPa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f8e95a2c0575292fe6b8151428013f85b645f315e2d67a927a4b0c6d26af3c9.exe

Files

0f8e95a2c0575292fe6b8151428013f85b645f315e2d67a927a4b0c6d26af3c9.exe
.exe windows:6 windows x86 arch:x86

01e6d38c489b0f7592280e79fa04d034

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\aceview\bin\Win32\Release\pdb\AceLoader.pdb

Imports

kernel32

GlobalFree
HeapAlloc
LocalFree
GetProcessHeap
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
SetFileAttributesW
GetCurrentDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
LockResource
LoadResource
FindResourceW
GlobalAlloc
GetCurrentProcess
FormatMessageW
GetStdHandle
GetEnvironmentVariableW
GetFileType
GetExitCodeProcess
CreateProcessW
GetPrivateProfileStringW
LoadLibraryExW
SystemTimeToFileTime
GetTickCount
LocalAlloc
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetCurrentThreadId
HeapFree
GetFileAttributesExW
CreateFileW
FindClose
FindNextFileW
lstrcmpiW
OpenProcess
FindFirstFileW
FreeLibrary
LoadLibraryW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetFileSizeEx
DeleteFileW
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
lstrcatW
lstrlenW
CloseHandle
Sleep
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetDriveTypeW
GetModuleHandleW
GetProcAddress
LoadLibraryA
GetFileAttributesW
GetModuleFileNameW
ExpandEnvironmentStringsW
DeleteCriticalSection
DecodePointer
GetLastError
InitializeCriticalSectionEx
FileTimeToSystemTime
GetSystemDefaultLCID
ConvertFiberToThread
ReadConsoleA
SetConsoleMode
DeleteFiber
WriteConsoleW
GetConsoleOutputCP
FlushFileBuffers
ReadConsoleW
IsBadStringPtrW
GetConsoleMode
SetFilePointerEx
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
GetLocaleInfoEx
EncodePointer
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableW
IsDebuggerPresent
OutputDebugStringW
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
RtlUnwind
InterlockedPushEntrySList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
HeapSize
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

EnumWindows
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
GetActiveWindow
GetClassNameW
SendMessageTimeoutW

Exports

Exports

CheckSigner

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 609KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01e6d38c489b0f7592280e79fa04d034

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 609KB - Virtual size: 612KB

.data Size: 28KB - Virtual size: 48KB

.rsrc Size: 449KB - Virtual size: 448KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 609KB - Virtual size: 612KB

.data
Size: 28KB - Virtual size: 48KB

.rsrc
Size: 449KB - Virtual size: 448KB