161652951804658a3b1bb8caa8b0f070N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

161652951804658a3b1bb8caa8b0f070N.exe
Size

145KB
MD5

161652951804658a3b1bb8caa8b0f070
SHA1

27cba90cbb38bb61c799eaa889fc758a4783a482
SHA256

d75e789e6062eca3a340ff8971c268be6b5625dd6c2bdccf3eccead6c9ee9414
SHA512

0aae1a23d4bee921f8ec85d396307ec53795cab93e90bdd832402b45511699ea95e109cccde9f55714b2142464f5d79f860d2ee905b7d18504b036da4bd3ab1f
SSDEEP

3072:iQdLAdq8JdnoeMfGRYOcy3rmq2B2luFQJrSyHpZOKEmFzlR/iMezILF4R72nCuF:iSAM8JVz6OcSmqqs4WpZOPAlUdm4Rdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161652951804658a3b1bb8caa8b0f070N.exe

Files

161652951804658a3b1bb8caa8b0f070N.exe
.dll windows:4 windows x64 arch:x64

dd1ccf424d97278151a6dd0899cd56ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
lstrcpyW
Sleep
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
lstrcatW
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
RaiseException
RtlPcToFileHeader
CloseHandle
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleHandleA
ExitProcess
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA

Exports

Exports

SendMessageToCustomAsyncUI

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd1ccf424d97278151a6dd0899cd56ea

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 7KB - Virtual size: 15KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 7KB - Virtual size: 15KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 1KB - Virtual size: 1KB