377eb9041a975fbf9186e2942a6fa3a0N[.]exe

General

Target

377eb9041a975fbf9186e2942a6fa3a0N.exe
Size

1.3MB
MD5

377eb9041a975fbf9186e2942a6fa3a0
SHA1

c4928abe8dcd095ce3cf2bef95068338d76d6c87
SHA256

7d887061df50179654e51ffd624375ac12502aa645fab16956307a42a800c50d
SHA512

c031f90e73445df09f13b9c6cd488828181bf8896364f91776e588ace5e87e1a6911c72148a5bf06c73d772ccf0a0b4427d45dfbb6a931553df085d8be5ff815
SSDEEP

24576:nDNBioAKJPmLR5neOYXIJa5IUiaowTOOcnLD0C0K:nDNQ1KhMRDYH/pOb0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377eb9041a975fbf9186e2942a6fa3a0N.exe

Files

377eb9041a975fbf9186e2942a6fa3a0N.exe
.exe windows:4 windows x86 arch:x86

0208d48d9690d16eb0d601340e3194fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FindClose
FindFirstFileA
GetModuleFileNameA
GetModuleHandleA
OutputDebugStringA
GetLastError
FindNextFileA
LeaveCriticalSection
EnterCriticalSection
GetTempPathA
GetVersionExA
GetProcAddress
LockResource
LoadResource
FindResourceA
LoadLibraryExA
SetLastError
VirtualProtect
VirtualFree
VirtualAlloc
MultiByteToWideChar
WideCharToMultiByte
ExitThread
InitializeCriticalSection
FreeLibrary

user32

MessageBoxA

advapi32

GetUserNameA

msvcrt

_controlfp
free
malloc
fprintf
_iob
fclose
strlen
fgets
fopen
sprintf
strcat
strcpy
getenv
memcpy
memcmp
strchr
strstr
localtime
time
_ftol
atol
_pctype
_isctype
__mb_cur_max
atoi
strcmp
fwrite
strncpy
fflush
fputc
fputs
vsprintf
_errno
__p__environ
memset
perror
abort
_setjmp3
_assert
strrchr
wcscmp
_stat
_strdup
_mkdir
_getpid
_chmod
_strnicmp
_putenv
_rmdir
_unlink
_close
_stricmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
calloc

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0208d48d9690d16eb0d601340e3194fb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB