4484b71e9e492f0be30264a6206f5630N[.]exe

General

Target

4484b71e9e492f0be30264a6206f5630N.exe
Size

15KB
MD5

4484b71e9e492f0be30264a6206f5630
SHA1

b78699dacfd7cac3d98823b7b1338c0534d17775
SHA256

a608177a444fda907aaa36b0d66df33d4f6a1ceb1e947e72c6e72d42b9403423
SHA512

55347ab439c04f206cc0dd79092cd5180dfe72fb0a092721b71c67791520846c19cfaf037ac9951f71cadee8bbf8629261c2f288ca78a2e3951ae42e8665a372
SSDEEP

192:9Knw9YufO3rLlZBly8Z6FXRwwl/5XsNdW/T3XBB1:Mnw6ufO3lZPy8eRJQW/T3X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4484b71e9e492f0be30264a6206f5630N.exe

Files

4484b71e9e492f0be30264a6206f5630N.exe
.dll windows:6 windows x86 arch:x86

a9eb30aa9e137af5ae95c905507a83bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

S:\wtf\_x86\service.terminal\dev.text.vga.dll:pdb

Imports

system

??1Object@@MAE@XZ
?selfTest@Object@@UAE_NV?$Ref@VStream@Interfaces@@@@@Z
?dump@Object@@UAEXV?$Ref@VStream@Interfaces@@@@@Z
?_selfTest@Object@@UAE_NV?$Ref@VStream@Interfaces@@@@@Z
?_dump@Object@@UAEXV?$Ref@VStream@Interfaces@@@@@Z
?gcproxy@Object@@UAEPAVGcProxy@@XZ
?obj@Object@@UAE?AV?$Ref@VObject@@@@XZ
?counterRef@Object@@UAEIXZ
?unlockRef@Object@@UAEXXZ
?lockRef@Object@@UAEXXZ
?decRef@Object@@UAEXXZ
?incRef@Object@@UAEXXZ
??0Object@@QAE@XZ
?unres@IOPort@@SAXG@Z
?res@IOPort@@SA_NG_N@Z
?out8@IOPort@@SAXGE@Z
?copy@Mem@@SAXPBXPAXI@Z
?map@VMem@@SAPAXII_N@Z
?free@VMem@@SAXPAX@Z
?out16@IOPort@@SAXGG@Z
?free@Heap@@SAXPAXI0I@Z
?alloc@Heap@@SAPAXIIPAX@Z
??_7type_info@@6B@
?lock@InitCode@@SAXXZ
?unlock@InitCode@@SAXXZ

Exports

Exports

?create@VGAText@@SA?AV?$Ref@VTextTerminal@@@@XZ

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9eb30aa9e137af5ae95c905507a83bc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

system

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 488B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 488B