a304caad728855f8a865d9ca6ad079b0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a304caad728855f8a865d9ca6ad079b0N.exe
Size

942KB
MD5

a304caad728855f8a865d9ca6ad079b0
SHA1

91dbfbeaccef2bd2388ded5bc6e777a0f1611df4
SHA256

a79189914a25d79a18b0db3e70af0e5f9fcb5d3767948f2ccf31ea79838c44ab
SHA512

7d042326cada1c9ca82ea960aa947c277c903ad30be8a0a6b98b3398e63b4cf4fbd5804ac69b7e8cd7e3111f3141cd701a5fe1bf3975f3dd0d24ac759caa7421
SSDEEP

24576:Euj4A1gVgMm7/s97tBZbYBL1fCBYceqXB260N:DhMm7/s92t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a304caad728855f8a865d9ca6ad079b0N.exe

Files

a304caad728855f8a865d9ca6ad079b0N.exe
.exe windows:4 windows x86 arch:x86

118b80beeeeebe2ed4d450b21cc60484

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libhwloc-15

hwloc_bitmap_alloc
hwloc_bitmap_and
hwloc_bitmap_andnot
hwloc_bitmap_asprintf
hwloc_bitmap_copy
hwloc_bitmap_dup
hwloc_bitmap_fill
hwloc_bitmap_free
hwloc_bitmap_isequal
hwloc_bitmap_isincluded
hwloc_bitmap_isset
hwloc_bitmap_iszero
hwloc_bitmap_list_asprintf
hwloc_bitmap_sscanf
hwloc_bitmap_taskset_asprintf
hwloc_bitmap_weight
hwloc_bitmap_zero
hwloc_cpukinds_get_by_cpuset
hwloc_cpukinds_get_info
hwloc_cpukinds_get_nr
hwloc_distances_get
hwloc_distances_get_name
hwloc_distances_release
hwloc_distances_transform
hwloc_export_obj_userdata
hwloc_get_api_version
hwloc_get_cpubind
hwloc_get_depth_type
hwloc_get_membind
hwloc_get_nbobjs_by_depth
hwloc_get_obj_by_depth
hwloc_get_proc_cpubind
hwloc_get_proc_last_cpu_location
hwloc_get_proc_membind
hwloc_get_type_depth
hwloc_memattr_get_flags
hwloc_memattr_get_initiators
hwloc_memattr_get_name
hwloc_memattr_get_targets
hwloc_memattr_get_value
hwloc_obj_attr_snprintf
hwloc_obj_type_is_cache
hwloc_obj_type_is_io
hwloc_obj_type_is_memory
hwloc_obj_type_is_normal
hwloc_obj_type_snprintf
hwloc_obj_type_string
hwloc_pci_class_string
hwloc_topology_alloc_group_object
hwloc_topology_allow
hwloc_topology_destroy
hwloc_topology_export_synthetic
hwloc_topology_export_xml
hwloc_topology_get_allowed_cpuset
hwloc_topology_get_allowed_nodeset
hwloc_topology_get_complete_cpuset
hwloc_topology_get_depth
hwloc_topology_get_support
hwloc_topology_get_topology_cpuset
hwloc_topology_init
hwloc_topology_insert_group_object
hwloc_topology_insert_misc_object
hwloc_topology_is_thissystem
hwloc_topology_load
hwloc_topology_restrict
hwloc_topology_set_all_types_filter
hwloc_topology_set_flags
hwloc_topology_set_io_types_filter
hwloc_topology_set_pid
hwloc_topology_set_synthetic
hwloc_topology_set_type_filter
hwloc_topology_set_userdata_export_callback
hwloc_topology_set_userdata_import_callback
hwloc_topology_set_xml
hwloc_type_sscanf
hwloc_windows_get_nr_processor_groups
hwloc_windows_get_processor_group_cpuset

gdi32

CreateFontA
CreatePen
CreateSolidBrush
DeleteObject
GetStockObject
GetTextExtentPoint32A
LineTo
MoveToEx
Rectangle
SelectObject
SetBkColor
SetBkMode
SetTextColor
TextOutA

kernel32

DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetComputerNameA
GetFileAttributesA
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__getmainargs
__initenv
__lconv_init
__mb_cur_max
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_assert
_cexit
_close
_errno
_findclose
_findfirst
_findnext
_fullpath
_initterm
_iob
_isatty
_lock
_onexit
_open
_pclose
_popen
_putenv
_read
_stat
_strdup
_stricmp
_strnicmp
_unlock
abort
atof
atoi
calloc
exit
fclose
fflush
fgets
fopen
fprintf
fputc
fputwc
fread
free
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localtime
localeconv
malloc
memcpy
memset
perror
realloc
setlocale
signal
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
time
tolower
toupper
ungetc
vfprintf
wcslen

user32

AdjustWindowRect
BeginPaint
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EndPaint
GetMessageA
GetSystemMetrics
InvalidateRect
LoadCursorA
LoadIconA
PostQuitMessage
RedrawWindow
RegisterClassA
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

118b80beeeeebe2ed4d450b21cc60484

Headers

File Characteristics

Imports

libhwloc-15

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 141KB - Virtual size: 140KB

.data Size: 512B - Virtual size: 388B

.rdata Size: 26KB - Virtual size: 25KB

/4 Size: 16KB - Virtual size: 15KB

.bss Size: - Virtual size: 4KB

.idata Size: 7KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

/14 Size: 2KB - Virtual size: 2KB

/29 Size: 301KB - Virtual size: 300KB

/41 Size: 32KB - Virtual size: 32KB

/55 Size: 116KB - Virtual size: 115KB

/67 Size: 8KB - Virtual size: 8KB

/78 Size: 178KB - Virtual size: 177KB

/89 Size: 13KB - Virtual size: 12KB

.text
Size: 141KB - Virtual size: 140KB

.data
Size: 512B - Virtual size: 388B

.rdata
Size: 26KB - Virtual size: 25KB

/4
Size: 16KB - Virtual size: 15KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

/14
Size: 2KB - Virtual size: 2KB

/29
Size: 301KB - Virtual size: 300KB

/41
Size: 32KB - Virtual size: 32KB

/55
Size: 116KB - Virtual size: 115KB

/67
Size: 8KB - Virtual size: 8KB

/78
Size: 178KB - Virtual size: 177KB

/89
Size: 13KB - Virtual size: 12KB