Napse[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Napse.exe
Size

68.8MB
MD5

60d3509e448b03a5de760e7c2d8759aa
SHA1

df51bf01fbce94b7c67091f6cac64f420d7a7e18
SHA256

b2c8ea6aa9132983ab95d05cccd5d0750167c91323068d5f1880df4990ce9cc3
SHA512

2c9510cecc15e446750a2f34c80f44fe883f7e535015e0a49d39e545dc81e0f3608191ba1d5925d2738396bfcef1c894c72d9407199fa4f159e8f5d8063d0b31
SSDEEP

1572864:a0JU90mpEfMwgmSPZUZ2eqf7p8zhqVxXQ6+qPkrnkZu:a0iGmWfMbjjdizh4njkrkZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Napse.exe

Files

Napse.exe
.exe windows:6 windows x64 arch:x64

a8369a581a563d51e3a921c67aa46d87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHFileOperationW

kernel32

SetLastError
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.^4J
Size: - Virtual size: 20.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vlizer
Size: - Virtual size: 12.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1u|
Size: - Virtual size: 35.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.;>%
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WXZ
Size: 68.8MB - Virtual size: 68.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8369a581a563d51e3a921c67aa46d87

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

Sections

.text Size: - Virtual size: 122KB

.rdata Size: - Virtual size: 50KB

.data Size: - Virtual size: 75KB

.pdata Size: - Virtual size: 5KB

_RDATA Size: - Virtual size: 348B

.^4J Size: - Virtual size: 20.8MB

.reloc Size: - Virtual size: 1KB

.vlizer Size: - Virtual size: 12.3MB

.1u| Size: - Virtual size: 35.4MB

.;>% Size: 2KB - Virtual size: 2KB

.WXZ Size: 68.8MB - Virtual size: 68.8MB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: - Virtual size: 122KB

.rdata
Size: - Virtual size: 50KB

.data
Size: - Virtual size: 75KB

.pdata
Size: - Virtual size: 5KB

_RDATA
Size: - Virtual size: 348B

.^4J
Size: - Virtual size: 20.8MB

.reloc
Size: - Virtual size: 1KB

.vlizer
Size: - Virtual size: 12.3MB

.1u|
Size: - Virtual size: 35.4MB

.;>%
Size: 2KB - Virtual size: 2KB

.WXZ
Size: 68.8MB - Virtual size: 68.8MB

.rsrc
Size: 40KB - Virtual size: 39KB