a54e310f4d82b37ddc5bd601c1058d00N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a54e310f4d82b37ddc5bd601c1058d00N.exe
Size

385KB
MD5

a54e310f4d82b37ddc5bd601c1058d00
SHA1

e64a18cf48c3d30a59a9b289f9a9d3c85032bad9
SHA256

091e034ed887d53852dfe82c19ed21c00ad7ac2f1b36bad53b8612d9653ad0f8
SHA512

e110e5d045cf0b47fdf87d3f35d21e15557c3be5aadf86b086dc59be45f48744b415fd7cda2e74ab08f171d34e058b65d3133f234924fdc78be07f282b931993
SSDEEP

6144:FJ5d8vdFbknkiKI8feBmCK4aGDv1PTBGISL2kAn6TZVlrlYaEoF6HHCLSTf/h2gV:FJ5WFQLKImB54aGxPTFsxE66ncawFK/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a54e310f4d82b37ddc5bd601c1058d00N.exe

Files

a54e310f4d82b37ddc5bd601c1058d00N.exe
.dll windows:6 windows x86 arch:x86

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u281\880\build\windows-i586\jdk\objs\libsplashscreen\splashscreen.pdb

Imports

kernel32

IsDebuggerPresent
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetTickCount
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException

gdi32

CreatePalette
CreateDIBSection
StretchDIBits
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExtCreateRegion
DeleteObject
DeleteDC
CombineRgn
CreateCompatibleDC
CreateRectRgn

vcruntime140

memset
memcmp
_except_handler4_common
__std_type_info_destroy_list
longjmp
_setjmp3
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

fgetc
fopen
fread
fclose
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
ungetc

api-ms-win-crt-string-l1-1-0

_stricmp
strlen
strncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_errno
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

floor
pow
_except1

Exports

Exports

SplashClose
SplashGetScaledImageName
SplashInit
SplashLoadFile
SplashLoadMemory
SplashSetFileJarName
SplashSetScaleFactor
_JNI_OnLoad@8
_Java_java_awt_SplashScreen__1close@16
_Java_java_awt_SplashScreen__1getBounds@16
_Java_java_awt_SplashScreen__1getImageFileName@16
_Java_java_awt_SplashScreen__1getImageJarName@16
_Java_java_awt_SplashScreen__1getInstance@8
_Java_java_awt_SplashScreen__1getScaleFactor@16
_Java_java_awt_SplashScreen__1isVisible@16
_Java_java_awt_SplashScreen__1setImageData@20
_Java_java_awt_SplashScreen__1update@40

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 214KB - Virtual size: 216KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 214KB - Virtual size: 216KB