hack[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hack.exe
Size

111KB
MD5

9b24231f3a3cb0a54f380d13a77c8ee4
SHA1

5b2eb040bca5ffb24f8362af5b8b939e3c3386b8
SHA256

41977839d00a8aea016b5bdbca4bba9b3f7dcad79f6b91d9362a1dcd34bfea4a
SHA512

f2f1e2fcbc4374481eb21fdec363ae42a3eb808a310b17ba442b8b6b35dae83769ca8193db87ecfc714f67801761e946f17f64a33afb4f8e98f1df1f30510f33
SSDEEP

1536:mEjFMsfdLzNTTZz7WdHGHGhAUPwgYaIJsu0L+GcoLBc0cu3ssWjcdNLV5OG8W:8qdvNHZO9GmhA2FL+ELC0cujJV5OG8W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hack.exe

Files

hack.exe
.exe windows:5 windows x86 arch:x86

52535f17746b19032ead71557eb8b21c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlCreateUserThread
NtOpenProcess
RtlAdjustPrivilege
NtClose
NtWaitForSingleObject
NtWriteVirtualMemory
RtlUnwind

kernel32

SetFilePointerEx
CreateFileW
GetStringTypeW
OutputDebugStringW
ReadConsoleW
FlushFileBuffers
WriteConsoleW
CreateFileA
SystemTimeToFileTime
Process32First
SetFileTime
VirtualFreeEx
Sleep
GetFileAttributesA
MultiByteToWideChar
GetProcAddress
VirtualAllocEx
Process32Next
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
CreateToolhelp32Snapshot
GetFileTime
CloseHandle
GetSystemTime
SetStdHandle
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WideCharToMultiByte
HeapSize
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetCurrentThreadId
HeapFree
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
SetEndOfFile
HeapAlloc
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LCMapStringW

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52535f17746b19032ead71557eb8b21c

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 12KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 12KB

.reloc
Size: 5KB - Virtual size: 4KB