e4a8925cbedb0a64b3bd36f7401fd7d0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

e4a8925cbedb0a64b3bd36f7401fd7d0N.exe
Size

104KB
MD5

e4a8925cbedb0a64b3bd36f7401fd7d0
SHA1

7bfa9c7f5175e314f531b8ac518d3c095818a4ce
SHA256

5a3b5dc7b2fa4994402e3261ca1f4d82a33c883f31c001d2daf3f588a9e1c7e5
SHA512

9e67f665d4916a0de8d3da984198c24c35f65d4f46c5a44bd1553c36ff63c7ba024239030b94f4654f5d69a8fce30b9f1a7fd870b285994682ed074e960eedba
SSDEEP

1536:82Y05Y98nYghMCpiKzA9RQ0FJlLJUOWvmCdakZgtseFNxZ:8ShjiEyFzhKaOgtseFNxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4a8925cbedb0a64b3bd36f7401fd7d0N.exe

Files

e4a8925cbedb0a64b3bd36f7401fd7d0N.exe
.dll windows:4 windows x86 arch:x86

82ca1e4f2a451297920f7f76ec9cbdd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\Objdrw\Rel32\Dll\PgTrafNT.pdb

Imports

kernel32

FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
lstrcatA
GetModuleFileNameA
GetSystemDirectoryA
lstrlenA
GetWindowsDirectoryA
GetVersion
lstrcpyA
lstrcmpA
CloseHandle
SetFilePointer
ReadFile
GetFileSize
CreateFileA
lstrcmpiA
MultiByteToWideChar
OutputDebugStringA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
SetConsoleCtrlHandler
GlobalSize
GlobalFlags
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
GlobalUnlock
GlobalLock
LCMapStringW
GlobalFree
GlobalReAlloc
GlobalMemoryStatus
GlobalAlloc
LCMapStringA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
ExitProcess
GetFileAttributesA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
SetEnvironmentVariableA

user32

wvsprintfA
MessageBoxA
LoadIconA
SetClassLongA
InvalidateRect
UpdateWindow
DestroyCursor
SetClipboardData
SetCapture
PeekMessageA
ReleaseCapture
GetCursorPos
PtInRect
WindowFromPoint
GetParent
SwapMouseButton
GetAsyncKeyState
SendMessageA
GetClassNameA
DialogBoxParamA
EndDialog
SendDlgItemMessageA
GetDlgItem
SetFocus
GetWindowRect
SetWindowPos
wsprintfA
LoadCursorA
SetCursor
GetWindow
SetPropA
GetPropA
ShowWindow
RemovePropA
IsWindowVisible
CharUpperA

gdi32

CreateSolidBrush
GetDeviceCaps
DeleteObject

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Exports

Exports

ObjectProgramCheckKey
ObjectProgramCopyright
ObjectProgramCrashLogInfo
ObjectProgramDIFlag
ObjectProgramDoCrash
ObjectProgramDomain
ObjectProgramEMailAccount
ObjectProgramExt
ObjectProgramHelp
ObjectProgramIcon
ObjectProgramLicenseFail
ObjectProgramLicenseFileName
ObjectProgramLicenseFlagLabels
ObjectProgramNeedLicense
ObjectProgramTitle
ObjectProgramUpdate
ObjectProgramVersion
ObjectProgramVersionStrng

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82ca1e4f2a451297920f7f76ec9cbdd2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 5KB