2a845312c21ca91e24cbff67a9a06440N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2a845312c21ca91e24cbff67a9a06440N.exe
Size

7.2MB
MD5

2a845312c21ca91e24cbff67a9a06440
SHA1

16ddebe91f3f7345a9a1ea7184ec441a0fbcfd45
SHA256

fe5df3e06d48a729bf6b1c1d4aac19c5d814b6f6fc661fa66828782d6fad1c93
SHA512

fde33fce29c0e0b9664ee69ea50b58936daf286130d74257e8ea83006d78cf9e4a503d331ee9bc2be325f92a6fe4f71a9dd3f0b5cc86a3c2bd6bb6dedcd95731
SSDEEP

49152:MuhwJXoksnridfem6Y9hvaNdI7+p+LmVB0ELvK4Efc4MtLDBfQwLpbID9OPwgg0C:MeGonfI7+p+Lmr0ELi4E1wLD2x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a845312c21ca91e24cbff67a9a06440N.exe

Files

2a845312c21ca91e24cbff67a9a06440N.exe
.exe windows:4 windows x86 arch:x86

618184ba15a7bfdd3b31c115885e42ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAGetOverlappedResult

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext

ntdll

NtWaitForSingleObject

kernel32

VirtualAlloc
VirtualFree
CreateIoCompletionPort
GetQueuedCompletionStatus
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateThread
CreateWaitableTimerA
DuplicateHandle
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
LoadLibraryW
LoadLibraryA
ResumeThread
SetConsoleCtrlHandler
SetEvent
SetProcessPriorityBoost
SetThreadPriority
SetWaitableTimer
SuspendThread
WaitForSingleObject
WriteFile

winmm

timeBeginPeriod

Sections

.text
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 211B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/18
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/43
Size: 968KB - Virtual size: 967KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 512B - Virtual size: 28B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 66B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

618184ba15a7bfdd3b31c115885e42ef

Headers

File Characteristics

Imports

ws2_32

advapi32

ntdll

kernel32

winmm

Sections

.text Size: 4.8MB - Virtual size: 4.8MB

.data Size: 101KB - Virtual size: 187KB

/4 Size: 512B - Virtual size: 211B

/18 Size: 227KB - Virtual size: 227KB

/30 Size: 218KB - Virtual size: 218KB

/43 Size: 968KB - Virtual size: 967KB

/55 Size: 314KB - Virtual size: 313KB

/71 Size: 131KB - Virtual size: 131KB

/87 Size: 512B - Virtual size: 28B

/102 Size: 512B - Virtual size: 66B

.idata Size: 1KB - Virtual size: 1KB

.symtab Size: 450KB - Virtual size: 449KB

.text
Size: 4.8MB - Virtual size: 4.8MB

.data
Size: 101KB - Virtual size: 187KB

/4
Size: 512B - Virtual size: 211B

/18
Size: 227KB - Virtual size: 227KB

/30
Size: 218KB - Virtual size: 218KB

/43
Size: 968KB - Virtual size: 967KB

/55
Size: 314KB - Virtual size: 313KB

/71
Size: 131KB - Virtual size: 131KB

/87
Size: 512B - Virtual size: 28B

/102
Size: 512B - Virtual size: 66B

.idata
Size: 1KB - Virtual size: 1KB

.symtab
Size: 450KB - Virtual size: 449KB