848b07b495ca7d36a354f4d2521fe37b093490a3e58000c96e37eaae554363bb

Sharing

Copy URL Twitter E-mail

General

Target

848b07b495ca7d36a354f4d2521fe37b093490a3e58000c96e37eaae554363bb
Size

136KB
MD5

667d66850790b70ff06fa0da0dd566e8
SHA1

b5869c7031171e677e87c1dde12ffb8df1dda295
SHA256

848b07b495ca7d36a354f4d2521fe37b093490a3e58000c96e37eaae554363bb
SHA512

1777fc8e2c72590202bd735e6039f0dcdabda8b828b340fc14dd84371be773568268f50faf514ce8621cd6af4220d43ddfc2c892a6111690dfeffdc4995c348c
SSDEEP

1536:MX/9WwkuCcM6r66SHD385+men98FKI5qq/T5PhRn/+oyVZjUYcjdrwp4ACn5jhrj:cr5sI5+me98FfYa5RnWoyfjaj1Lhele

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
848b07b495ca7d36a354f4d2521fe37b093490a3e58000c96e37eaae554363bb

Files

848b07b495ca7d36a354f4d2521fe37b093490a3e58000c96e37eaae554363bb
.exe windows:4 windows x86 arch:x86

6b23540ad293d5de6344f8d7ab294d27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Project\tfs\CDチーム\Erbium\3.7.0\ENMM\Release_Unicode\ENMM.pdb

Imports

mpr

WNetOpenEnumW
WNetAddConnection2W
WNetCloseEnum
WNetEnumResourceW

kernel32

SetHandleCount
FlushFileBuffers
CloseHandle
CreateFileA
LocalFree
FindFirstFileW
FindClose
GetCommandLineW
GetDriveTypeW
GetProcAddress
GetModuleHandleA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
Sleep
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
RaiseException
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize

shell32

CommandLineToArgvW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b23540ad293d5de6344f8d7ab294d27

Headers

File Characteristics

PDB Paths

Imports

mpr

kernel32

shell32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 72KB - Virtual size: 72KB