66d497968ca0bcfda4ad249fe5295560N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

66d497968ca0bcfda4ad249fe5295560N.exe
Size

27KB
MD5

66d497968ca0bcfda4ad249fe5295560
SHA1

5604c22fd028efedc7240943f6a26f9920bbaf78
SHA256

d7b6b03bf30688f8b8795ef29c483670591da6bd143305a5d53fae61a4c5447c
SHA512

acd5c261873de36ae43cea31b2b9763ca23e6420620731cab73d36ad1019cc5b4dff9c659970671a0f047ee836cc0ebd16f4b972349087af127f357c8e2590b8
SSDEEP

384:2Xbeucn0fq35F6yeawT5lZQAT2WGM6heWRzMUPjGv:PNreay5lZQO23jCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66d497968ca0bcfda4ad249fe5295560N.exe

Files

66d497968ca0bcfda4ad249fe5295560N.exe
.dll windows:4 windows x86 arch:x86

e0a43a0af0c2b7aca5382bee386c9e94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

libmingwex-4

__mingw_free

msvcrt

__dllonexit
_errno
_iob
abort
calloc
fflush
fwrite
malloc
vfprintf

agena

agnL_optboolean
agn_createtable
agn_isinteger
agn_poptop
agn_rawsetfield
agn_setinumber
agn_setreadlibbed
agn_setutypestring
agn_tointeger
luaL_checkany
luaL_checkudata
luaL_error
luaL_isudata
luaL_newmetatable
luaL_ref
luaL_register
luaL_unref
lua_call
lua_createtable
lua_equal
lua_getfield
lua_gettop
lua_lessthan
lua_newuserdata
lua_objlen
lua_pushboolean
lua_pushfstring
lua_pushinteger
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushvalue
lua_rawgeti
lua_rawseti
lua_remove
lua_setmetatabletoobject
lua_settop
lua_topointer
lua_touserdata
lua_type
lua_typename

Exports

Exports

luaopen_heaps

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 100B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0a43a0af0c2b7aca5382bee386c9e94

Headers

File Characteristics

Imports

kernel32

libmingwex-4

msvcrt

agena

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 8B

.rdata Size: 2KB - Virtual size: 1KB

/4 Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 100B

.edata Size: 512B - Virtual size: 74B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 604B

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 2KB - Virtual size: 1KB

/4
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 100B

.edata
Size: 512B - Virtual size: 74B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 604B