2bb3fc5fa1c391258fe852f76d82e450N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2bb3fc5fa1c391258fe852f76d82e450N.exe
Size

107KB
MD5

2bb3fc5fa1c391258fe852f76d82e450
SHA1

7cb1c2cc347e03231ba2eb7d26786dbf94a24f38
SHA256

35b135ce8cfef8b83174bd25d1e7ee9ed826ff7fa01d98b7e5c060f76a86fc55
SHA512

ced6d8b90d30130882feab927c3877fb37da92a35d62c0f5eec504c224f6baac363dd42a42cf41bcf7a31263aa559e72119f65893eeb7aab767e764e6b86b3d4
SSDEEP

768:IxSmDmD1742hD7aHNoDcF97EGEe98dKmiGZr6VO3/C0m:kmZ74aD7Ux98k+6VO3q0m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb3fc5fa1c391258fe852f76d82e450N.exe

Files

2bb3fc5fa1c391258fe852f76d82e450N.exe
.dll windows:4 windows x64 arch:x64

7d3c6335a48fe85020fa1fbb76c37b03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

combase

WindowsCreateString
WindowsGetStringRawBuffer

kernel32

DisableThreadLibraryCalls
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc
IsBadStringPtrW
QueryPerformanceCounter
QueryPerformanceFrequency

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcspn
strlen
wcscmp
wcslen

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d3c6335a48fe85020fa1fbb76c37b03

Headers

DLL Characteristics

File Characteristics

Imports

combase

kernel32

ntdll

ucrtbase

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 624B

.rodata Size: 4KB - Virtual size: 20B

.rdata Size: 8KB - Virtual size: 6KB

.pdata Size: 4KB - Virtual size: 552B

.xdata Size: 4KB - Virtual size: 572B

.edata Size: 4KB - Virtual size: 160B

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 872B

.reloc Size: 4KB - Virtual size: 72B

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 624B

.rodata
Size: 4KB - Virtual size: 20B

.rdata
Size: 8KB - Virtual size: 6KB

.pdata
Size: 4KB - Virtual size: 552B

.xdata
Size: 4KB - Virtual size: 572B

.edata
Size: 4KB - Virtual size: 160B

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 872B

.reloc
Size: 4KB - Virtual size: 72B