54ffb42aec523864859ff9af9117dbe0N[.]exe

General

Target

54ffb42aec523864859ff9af9117dbe0N.exe
Size

28KB
MD5

54ffb42aec523864859ff9af9117dbe0
SHA1

394f96dc795335475859dad5dd9f0eabeab96b52
SHA256

369ff79c622bf5c3c580528850b3d5b480cd5126da6c6b596c57943cad515105
SHA512

8ef9f7a50721caf7bf88f86e2284227c5058d54a1d3c637908eebbd2aa8c091e237662ecf8be3d4d48aecf8ebc086bd33770b4545f72d80c13f6c5c21cd30b75
SSDEEP

384:or7eyDNXzqAqmlE2rGyyyLlI0Ixr0hdoZn:K7eyRXzqXyyslI06ohdo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54ffb42aec523864859ff9af9117dbe0N.exe

Files

54ffb42aec523864859ff9af9117dbe0N.exe
.exe windows:4 windows x86 arch:x86

b6f143a9846bd7191ac2eb1eca093aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
OpenProcess
GetCurrentProcess
lstrlenA
CopyFileA
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetLastError
WriteProcessMemory
CloseHandle
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetCurrentDirectoryA
CreateRemoteThread
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetStringTypeW

user32

wsprintfA
MessageBoxA
CharUpperBuffA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6f143a9846bd7191ac2eb1eca093aea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 944B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 944B