unbranded[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

unbranded.exe
Size

43.0MB
MD5

292d7599721809df55d794067b069e21
SHA1

218c6e4a91cdd1894b4cb12fdad028a312f84367
SHA256

39f631d14f7eda098f11a8fc8e19e490514fb3d8c76f9541c9406d0427431d67
SHA512

2612fadd960b0b65f9464877fda7f0942bb3b9ec246efcea0bb80f112328d3272d439621a524702ad28818a6b07be9e57c0edce772921b73c5ac639b23201de1
SSDEEP

786432:jJmC/YZQpmme7kkJ1NpwXrJPVZ0GLoUfyp/1cxdzmTmxlJ/KD4:8C/YeQXP6rPeGEUA/1My4lJ/c4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unbranded.exe

Files

unbranded.exe
.exe windows:6 windows x64 arch:x64

af22c1b81aa35b7737c0e83bef981b37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiDestroyDeviceInfoList

kernel32

Process32Next

user32

PostMessageA

advapi32

CryptDestroyHash

shell32

SHGetFolderPathA

msvcp140

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

normaliz

IdnToAscii

wldap32

ord200

crypt32

CertCreateCertificateChainEngine

ws2_32

gethostbyname

shlwapi

SHDeleteKeyW

rpcrt4

UuidToStringA

ntdll

RtlLookupFunctionEntry

mpr

WNetGetProviderNameA

vcruntime140

__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

isupper

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-heap-l1-1-0

malloc

api-ms-win-crt-convert-l1-1-0

strtoll

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-math-l1-1-0

_dclass

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-utility-l1-1-0

srand

Sections

.text
Size: - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.G=T
Size: - Virtual size: 31.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.SXt
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.D0e
Size: 43.0MB - Virtual size: 43.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af22c1b81aa35b7737c0e83bef981b37

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

shell32

msvcp140

normaliz

wldap32

crypt32

ws2_32

shlwapi

rpcrt4

ntdll

mpr

vcruntime140

vcruntime140_1

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: - Virtual size: 597KB

.rdata Size: - Virtual size: 126KB

.data Size: - Virtual size: 34KB

.pdata Size: - Virtual size: 22KB

.G=T Size: - Virtual size: 31.2MB

.SXt Size: 512B - Virtual size: 472B

.D0e Size: 43.0MB - Virtual size: 43.0MB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 597KB

.rdata
Size: - Virtual size: 126KB

.data
Size: - Virtual size: 34KB

.pdata
Size: - Virtual size: 22KB

.G=T
Size: - Virtual size: 31.2MB

.SXt
Size: 512B - Virtual size: 472B

.D0e
Size: 43.0MB - Virtual size: 43.0MB

.rsrc
Size: 512B - Virtual size: 480B