380ba540fdb978fb60e8f9311db6b810N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

380ba540fdb978fb60e8f9311db6b810N.exe
Size

376KB
MD5

380ba540fdb978fb60e8f9311db6b810
SHA1

6973246a396c23c308c79f9c32f2f529f855e786
SHA256

14a34438c0092a31a0ce6c1ea31ad5c438a0db39d6c4de49987d429a9f7674dd
SHA512

c296d5c4b24704e860ea69d460dba495cda38dc8b64d8e9602ed609eb2b92de5d897a533e5e1c08f7a0b32c7c34d1f279cae4094a7ec0775d34aad81d9be045e
SSDEEP

6144:2AU//tkPJrCo65O1ET78jZKwyCaUqoFjcNBrLWawCxzMJNDWc2XXf07IB81U1:2AUiPJEl78tKwyN64PWIYNDWc2XXc7IP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
380ba540fdb978fb60e8f9311db6b810N.exe

Files

380ba540fdb978fb60e8f9311db6b810N.exe
.exe windows:4 windows x64 arch:x64

2660422b44d949cb4611e81a42ac2ad9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileA
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetFullPathNameA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetHandleInformation
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_access
_close
_fdopen
_getcwd
_getpid
_open
_putenv
_read
_strdup
_unlink
__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_close
_dup
_errno
_fmode
_fstat64
_get_osfhandle
_initterm
_lock
_onexit
_open
_pipe
_read
_stat64
_stricmp
_unlock
_vsnprintf
abort
atoi
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fread
free
freopen
fseek
ftell
fwrite
getenv
isalnum
isalpha
iscntrl
islower
isprint
ispunct
isspace
isupper
isxdigit
malloc
memcpy
memmove
memset
printf
putc
putchar
puts
qsort
raise
realloc
remove
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strstr
strtoul
tolower
vfprintf
vsprintf

user32

CharLowerBuffA

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2660422b44d949cb4611e81a42ac2ad9

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 161KB - Virtual size: 161KB

.data Size: 96KB - Virtual size: 95KB

.rdata Size: 102KB - Virtual size: 102KB

.pdata Size: 4KB - Virtual size: 4KB

.xdata Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 9KB

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 72B

.text
Size: 161KB - Virtual size: 161KB

.data
Size: 96KB - Virtual size: 95KB

.rdata
Size: 102KB - Virtual size: 102KB

.pdata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 9KB

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 72B