05ec4eeb8ff0c7ae5bd2f48f946fab20N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

05ec4eeb8ff0c7ae5bd2f48f946fab20N.exe
Size

136KB
MD5

05ec4eeb8ff0c7ae5bd2f48f946fab20
SHA1

e6a2dfc8de53cb0c958ad1df53f596930dc2383e
SHA256

b9dab16a6457b241c8e4db8418501c600c1c08211640867efe60efd8573b6bf9
SHA512

28216c5d3b40d6aa64b6fd510f13bc83b46264e92ddee22087cf41eb397c0408b332d30a234278237434e4e34068618fc72c1c0bdba1b660b7e7bf50a35b8f45
SSDEEP

1536:/HPSy6AaVg897f6qA9BZ1kUsJpat5Kt5POmMFCvJgZP1aMc:3r6Aaegf0l1kUGpatIt9OmEPgMc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ec4eeb8ff0c7ae5bd2f48f946fab20N.exe

Files

05ec4eeb8ff0c7ae5bd2f48f946fab20N.exe
.exe windows:5 windows x86 arch:x86

0dfce8c1df0dde0e9dca76750b0fd132

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\WLJ\12\Debug\12.pdb

Imports

mfc90d

ord5166
ord1903
ord3243
ord7547
ord6335
ord9296
ord7377
ord2699
ord7492
ord6404
ord2035
ord5950
ord2335
ord2338
ord8715
ord4634
ord2251
ord2252
ord2408
ord2409
ord2861
ord6773
ord7160
ord6986
ord6365
ord7523
ord750
ord2847
ord5458
ord5259
ord420
ord6426
ord6665
ord8956
ord8766
ord5978
ord8686
ord4162
ord4613
ord6378
ord2723
ord6990
ord7119
ord6419
ord8021
ord4133
ord7919
ord1992
ord8132
ord7497
ord2892
ord2857
ord9253
ord3947
ord3938
ord6759
ord761
ord6954
ord6018
ord1779
ord3038
ord5495
ord6655
ord6654
ord5402
ord685
ord6435
ord1970
ord5042
ord7558
ord7491
ord2036
ord8718
ord4636
ord6011
ord7128
ord7131
ord6551
ord6972
ord6553
ord6572
ord6574
ord6558
ord7033
ord6785
ord6331
ord6322
ord7272
ord7047
ord6619
ord924
ord7515
ord1406
ord2885
ord1859
ord3137
ord1405
ord5961
ord775
ord2114
ord9309
ord438
ord270
ord6226
ord7751
ord269
ord4405
ord5461
ord5275
ord909
ord784
ord677
ord666
ord452
ord6427
ord4469
ord8666
ord6440
ord1902
ord3242
ord7549
ord7488
ord5949
ord2259
ord6093
ord3580
ord3581
ord4536
ord7785
ord1236
ord8673
ord4474
ord8671
ord4473
ord7174
ord4482
ord6274
ord6478
ord7304
ord7301
ord3939
ord2705
ord3333
ord7190
ord6747
ord918
ord2841
ord3203
ord3202
ord8588
ord6127
ord6467
ord7506
ord1786
ord3051
ord6445
ord2306
ord8803
ord7598
ord7596
ord1215
ord1220
ord1224
ord1222
ord1226
ord3544
ord3564
ord3548
ord3554
ord3552
ord3550
ord3567
ord3562
ord3546
ord3569
ord3557
ord3539
ord3541
ord3559
ord3254
ord3241
ord2210
ord9300
ord5704
ord9298
ord5043
ord7256
ord8667
ord4470
ord1971
ord7516
ord2780
ord2383
ord2382
ord2305
ord7544
ord4329
ord6669
ord6424
ord3031
ord1772
ord4873
ord406
ord5744
ord1566
ord1559
ord1452
ord8837
ord6117
ord938
ord657
ord1265
ord367
ord7441
ord7581
ord727
ord9042
ord9277
ord948
ord926
ord946
ord931
ord6124
ord6081
ord9299
ord5703
ord9297
ord6495
ord2904
ord2859
ord8123
ord5712
ord1386
ord7419
ord9228
ord7822
ord5746
ord2714
ord4451
ord7580
ord7582
ord3335
ord5954
ord6761
ord7592
ord7557
ord8106
ord3791
ord4105
ord4301
ord6476
ord4082
ord4304
ord3794
ord3981
ord3783
ord5563
ord5564
ord5554
ord3979
ord5957
ord6664
ord6423
ord3138
ord1860
ord8241
ord5026
ord687
ord6649
ord6656
ord6652
ord5496
ord5454
ord6556
ord939
ord1666
ord1502

msvcr90d

_errno
_snprintf_s
_adjust_fdiv
__p__commode
_CxxThrowException
_CrtDbgReport
free
strcpy
wcscpy
memset
_vsnwprintf_s
__CxxFrameHandler3
_snwprintf_s
wcscpy_s
wcsncpy_s
strcpy_s
calloc
_recalloc
memcmp
_wcsicmp
memmove_s
wcslen
_setmbcp
__setusermatherr
_configthreadlocale
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CRT_RTC_INITW
strlen
_vsnprintf_s
_invoke_watson
_controlfp_s
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
_acmdln
_ismbblead
exit
_cexit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
__p__fmode

kernel32

InterlockedCompareExchange
GetStartupInfoA
IsDebuggerPresent
RaiseException
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
OpenFileMappingA
GetCurrentThread
CreateFileMappingA
MapViewOfFile
GetSystemInfo
UnmapViewOfFile
VirtualAlloc
GetLastError
OutputDebugStringW
Sleep
OpenEventA
SetEvent
CloseHandle
MulDiv
LoadLibraryA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
GetProcessHeap
GetModuleFileNameW
InterlockedExchange
VirtualQuery
FreeLibrary
OutputDebugStringA
HeapAlloc

comctl32

InitCommonControlsEx

oleaut32

SysFreeString

user32

CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect

advapi32

RevertToSelf
SetThreadToken
OpenThreadToken

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dfce8c1df0dde0e9dca76750b0fd132

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc90d

msvcr90d

kernel32

comctl32

oleaut32

user32

advapi32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 4KB - Virtual size: 4KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 4KB - Virtual size: 4KB