NbHVTSn8[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NbHVTSn8.exe
Size

24.7MB
MD5

d29d804be0843fc9d05dc5d1d92cec90
SHA1

626fb5220c20da17058b50dc8ced859b4610abb8
SHA256

8b6def47ad5f6624b24386de57fe1cc5ff7fb96698977432609c4be4051a16c5
SHA512

4c9e976bf101c0b3ae02c35279888c1fd4dcb210da9c346b0c619af751db6cce5bfd5298ac17fb4816a05582cdde77ca75f1cf2963f52453db164fdbc78c26e3
SSDEEP

393216:QfCeFC5Nic5ASoo8L8RtXqAvK004aWq8Z86P6/Qyye/J2kRnY0ny3rjN3MsN:QKeFwa/o84JC00uO6sjXnY0ny3rjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NbHVTSn8.exe

Files

NbHVTSn8.exe
.exe windows:6 windows x64 arch:x64

bf3db5a66a36a40929b205cc6b0bed6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress

user32

SetDlgItemTextA

gdi32

CreateCompatibleBitmap

advapi32

RegSetKeyValueW

shell32

SHGetFolderPathW

ole32

CoInitializeSecurity

oleaut32

VariantInit

shlwapi

PathFileExistsW

gdiplus

GdipDisposeImage

ntdll

RtlInitUnicodeString

ws2_32

closesocket

comctl32

ImageList_Create

uxtheme

SetWindowTheme

Sections

.text
Size: - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 16.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24.7MB - Virtual size: 24.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf3db5a66a36a40929b205cc6b0bed6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

ntdll

ws2_32

comctl32

uxtheme

Sections

.text Size: - Virtual size: 603KB

.rdata Size: - Virtual size: 157KB

.data Size: - Virtual size: 30KB

.pdata Size: - Virtual size: 23KB

_RDATA Size: - Virtual size: 244B

Size: - Virtual size: 16.8MB

Size: 512B - Virtual size: 264B

Size: 24.7MB - Virtual size: 24.7MB

.rsrc Size: 1024B - Virtual size: 741B

.reloc Size: 512B - Virtual size: 244B

.text
Size: - Virtual size: 603KB

.rdata
Size: - Virtual size: 157KB

.data
Size: - Virtual size: 30KB

.pdata
Size: - Virtual size: 23KB

_RDATA
Size: - Virtual size: 244B

.rsrc
Size: 1024B - Virtual size: 741B

.reloc
Size: 512B - Virtual size: 244B