4af66562672f87b7dfb6abb80dc421e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4af66562672f87b7dfb6abb80dc421e0N.exe
Size

37KB
MD5

4af66562672f87b7dfb6abb80dc421e0
SHA1

32756129836de020b3f34aa377051a119111bcb6
SHA256

1d6195625ac326f42fed0ef2947b7ebee00f4116c9243b9deb9ef1ed7dac77d1
SHA512

0588913170f32a837123dd938a645907c06aef531a32dda23ab7c2462bd0b61257dc3f5ea35a8e3e4b695d809d8aeee25a832c728db1248e707e1b1d0d60b793
SSDEEP

768:KcgpMOzNz1NTjFCo8b/dtgQ8UWhliQkJAoUc7ZAOhR:kNTjFT8b/dqqQnoXlThR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4af66562672f87b7dfb6abb80dc421e0N.exe

Files

4af66562672f87b7dfb6abb80dc421e0N.exe
.dll windows:4 windows x86 arch:x86

c13ec06efcb766a4bab86523ac8fa33c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
CloseHandle
GetExitCodeThread
ExitThread
HeapFree
HeapAlloc
RtlUnwind
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
SetFilePointer
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
CreateThread
GetVersion
TlsSetValue
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThreadId

aipsys

?HIDRead@HIDDEVICE@@QAEHGGPADG@Z
?HIDGetFeature@HIDDEVICE@@QAEHGGPADG@Z
?HIDClose@HIDDEVICE@@QAEXXZ
?clTrace@DEVICE@@QBEXKKPBEKH@Z
?HIDCreateDevice@HIDDEVICE@@QAEHGGPBD@Z
?Init@PDEV@@UAEHXZ
?ProcessInput@PDEV@@UAEXPBEH@Z
?ProcessError@PDEV@@UAEXPBEH@Z
?ProcessOutput@PDEV@@UAEXJ@Z
?clErrorLog@@YAKKKKPBEPBXG1G@Z
?SendAck@SIODEVICE@@QAEHXZ
?Close@DEVICE@@UAEHAAH@Z
?Lock@DEVICE@@UAEXXZ
?Open@DEVICE@@UAEHXZ
?Unlock@DEVICE@@UAEXXZ
?Confirmed@PDEV@@UBEHE@Z
?FillDeviceInformation@PDEV@@UAEXEEE@Z
?getByte@PDEV@@UAEHQAE@Z
?GetPdevDeviceDescription@PDEV@@UAEPAEXZ
?GetPdevDeviceName@PDEV@@UAEPAEXZ
?GetVdevInfo@PDEV@@UBEHEAAEAAJ@Z
?NowConfirmed@PDEV@@UAEXXZ
?NowNotConfirmed@PDEV@@UAEXXZ
?ProcessInput@SIODEVICE@@UAEXPBEH@Z
?ProcessError@SIODEVICE@@UAEXPBEH@Z
?ProcessOutput@SIODEVICE@@UAEXJ@Z
?TellQueueWhosOnline@PDEV@@UAEXPBUMsgQueueInfo@@@Z
?Acquire@PDEV@@UAEHPAVVDEV@@@Z
?Release@PDEV@@UAEHPAVVDEV@@@Z
?SendMsg@SIODEVICE@@UAEHPBEH@Z
??0ObjectSupport@@QAE@GP6APAVPDEV@@ABUDeviceID@@@ZQAEH@Z

aipnvram

?NvramWait@UNVUSBP@@IAEHHHJ@Z
?TellPhys@UNVUSBP@@MAEHPBVVDEV@@HPAEH@Z
?NvramPost@UNVUSBP@@IAEXXZ
?Init@UNVUSBP@@MAEHPBD@Z
?SendAnyPendingMessage@UNVUSBP@@IAEHXZ
??1UNVUSBP@@UAE@XZ
??0UNVUSBP@@QAE@ABUDeviceID@@PBE@Z
?Term@UNVUSBP@@MAEHXZ
?Close@UNVUSBP@@MAEHPBVVDEV@@AAH@Z
?Open@UNVUSBP@@MAEHQBVVDEV@@@Z
?TellPhys@NVSIOP@@MAEHPBVVDEV@@HPAEH@Z
?NvramWait@NVSIOP@@IAEHHHJ@Z
?NvramPost@NVSIOP@@IAEXXZ
??1NVSIOP@@UAE@XZ
??0NVSIOP@@QAE@ABUDeviceID@@PBE@Z
?Init@NVSIOP@@MAEHXZ
?Term@NVSIOP@@MAEHXZ
?Close@NVSIOP@@MAEHPBVVDEV@@AAH@Z
?Open@NVSIOP@@MAEHQBVVDEV@@@Z
?CommandResetInProgress@NVSIOP@@MAEXXZ
?LastAckLost@NVSIOP@@MAEXPBEH@Z
?LastMsgAcked@NVSIOP@@MAEXXZ
?LastMsgLost@NVSIOP@@MAEXPBEH@Z
?PowerOnResetInProgress@NVSIOP@@MAEXXZ
?ResetComplete@NVSIOP@@MAEXXZ
?SendAnyPendingMessage@NVSIOP@@MAEHXZ
?SequenceResetInProgress@NVSIOP@@MAEXPBEH@Z

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c13ec06efcb766a4bab86523ac8fa33c

Headers

File Characteristics

Imports

kernel32

aipsys

aipnvram

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 3KB