a47776c2c14e287b96a8ac4eedc42cc0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a47776c2c14e287b96a8ac4eedc42cc0N.exe
Size

92KB
MD5

a47776c2c14e287b96a8ac4eedc42cc0
SHA1

64cf1dc3ce386c6aaa9b7439141d486c716c45ff
SHA256

cbfb6294fc00eece1e2700874d7974090065bc29ad8d295f3a384e6598b5fae7
SHA512

db8e20ad931f7a3d064a90e28a2955d350c03261ec17bf2894fc99cb0e66f262476ca52f1feae635855288b44e61d92b9c15a746308255ffadb484c41f3ec0d3
SSDEEP

768:ZPjgeu80jKzzrotfI3jV6NBVcp8QPXkl2zucDhMa6WvRmAApvoEHQ:N5pTzzsZIrP9oa1vopvof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a47776c2c14e287b96a8ac4eedc42cc0N.exe

Files

a47776c2c14e287b96a8ac4eedc42cc0N.exe
.exe windows:4 windows x86 arch:x86

1efad166bb2a82b0a3e312f850c51a37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Source\VC\ExeTest\Debug\ExeTest.pdb

Imports

dlltestd

?MyTest@@YAXPBD@Z

mfc70d

ord654
ord4854
ord6756
ord5670
ord6254
ord6424
ord2105
ord2104
ord1961
ord1960
ord7873
ord2039
ord2036
ord5306
ord1795
ord5708
ord6730
ord2368
ord6627
ord8382
ord5642
ord6776
ord2851
ord1682
ord4585
ord6241
ord5747
ord2013
ord7950
ord1065
ord1070
ord1074
ord1072
ord1076
ord3126
ord3110
ord3129
ord3124
ord3101
ord3103
ord3121
ord2859
ord2849
ord1927
ord2802
ord5093
ord8384
ord4467
ord6516
ord1744
ord6752
ord2438
ord2082
ord2081
ord2012
ord6773
ord3817
ord5965
ord5727
ord2642
ord1553
ord4300
ord5438
ord1314
ord332
ord2492
ord7751
ord6064
ord6268
ord771
ord2583
ord3294
ord7421
ord4458
ord517
ord5309
ord840
ord1458
ord1454
ord6827
ord6825
ord3106
ord3116
ord3114
ord3112
ord3108
ord3131
ord3119
ord1254
ord1478
ord2504
ord827
ord847
ord606
ord4450
ord7444
ord1641
ord2749
ord5726
ord5960
ord5313
ord3505
ord4951
ord4961
ord4960
ord3328
ord3507
ord3336
ord3793
ord3601
ord5776
ord3790
ord3624
ord3333
ord7312
ord6786
ord6821
ord6052
ord5310
ord2937
ord6811
ord6809
ord3929
ord2380
ord5126
ord7049
ord8317
ord6659
ord1233
ord5100
ord7329
ord2502
ord2547
ord5795
ord8383
ord5092
ord8385
ord5418
ord5454
ord4896
ord6023
ord8386
ord832
ord1333

msvcr70d

__CxxFrameHandler
_CrtDbgReport
wcscpy
free
malloc
??_V@YAXPAX@Z
__dllonexit
_onexit
sprintf
_CxxThrowException
_vsnprintf
_snprintf
_vsnwprintf
_snwprintf
memcmp
wcscmp
realloc
memmove
wcslen
wcsncpy
_setmbcp
??1type_info@@UAE@XZ
_controlfp
?terminate@@YAXXZ
__security_error_handler
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit

kernel32

QueryPerformanceCounter
ExitProcess
GetStartupInfoA
GetModuleHandleA
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
GetThreadLocale
GetLocaleInfoA
GetACP
GetTickCount
GetVersionExA
MulDiv
CloseHandle
SetEvent
OpenEventA
lstrcpyA
lstrcpyW
OutputDebugStringA
OutputDebugStringW
VirtualAlloc
UnmapViewOfFile
IsBadReadPtr
GetSystemInfo
MapViewOfFile
GetLastError
CreateFileMappingA
GetCurrentThread
OpenFileMappingA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange

user32

CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
GetSystemMetrics
MessageBeep
CharUpperA
CharUpperW
CharLowerA
CharLowerW

oleaut32

SysFreeString

advapi32

SetThreadToken
OpenThreadToken
RevertToSelf

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1efad166bb2a82b0a3e312f850c51a37

Headers

File Characteristics

PDB Paths

Imports

dlltestd

mfc70d

msvcr70d

kernel32

user32

oleaut32

advapi32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 9KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 9KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB