4eacd3ca055503a321a0a32065a16a30N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4eacd3ca055503a321a0a32065a16a30N.exe
Size

68KB
MD5

4eacd3ca055503a321a0a32065a16a30
SHA1

fccf48d9561dd0bef33246e07b0f768c6ebc5ed8
SHA256

838a73b2d26d5518cbd2b60288555703ea8a06e55e2535017e70c7378f8e08b9
SHA512

c5210f9451dd33cc5d77f0084f42baf61cdf3cfaa4f1365dd630dc9c4b9dbffca7b9366d582d392bd691b74e4159e78730d4bffe82cb0a6c4719312d6d4e9a56
SSDEEP

1536:HVJW9AVntVQlplofaXsUmgQ0w8M3vfClZWrMat:7W9UtVQlnEaOD0YfQZWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4eacd3ca055503a321a0a32065a16a30N.exe

Files

4eacd3ca055503a321a0a32065a16a30N.exe
.dll windows:4 windows x64 arch:x64

fa2b8c20cf493b9d53fc92ddd8270fc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Imports

cygwin1

__cxa_atexit
__getreent
__locale_ctype_ptr
__memcpy_chk
__stack_chk_fail
__stack_chk_guard
__stpcpy_chk
__strcpy_chk
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fclose
fgetc
fopen
fprintf
fputc
fputs
free
fwrite
malloc
memcmp
memcpy
memmove
memset
posix_memalign
qsort
realloc
snprintf
strcat
strchr
strcmp
strcpy
strlen
strncat
strtol
strtoul
strverscmp
ungetc

kernel32

GetModuleHandleA

Exports

Exports

asn1_array2tree
asn1_bit_der
asn1_check_version
asn1_copy_node
asn1_create_element
asn1_decode_simple_ber
asn1_decode_simple_der
asn1_delete_element
asn1_delete_structure
asn1_delete_structure2
asn1_der_coding
asn1_der_decoding
asn1_der_decoding2
asn1_der_decoding_element
asn1_der_decoding_startEnd
asn1_dup_node
asn1_encode_simple_der
asn1_expand_any_defined_by
asn1_expand_octet_string
asn1_find_node
asn1_find_structure_from_oid
asn1_get_bit_der
asn1_get_length_ber
asn1_get_length_der
asn1_get_object_id_der
asn1_get_octet_der
asn1_get_tag_der
asn1_length_der
asn1_number_of_elements
asn1_octet_der
asn1_parser2array
asn1_parser2tree
asn1_perror
asn1_print_structure
asn1_read_node_value
asn1_read_tag
asn1_read_value
asn1_read_value_type
asn1_strerror
asn1_write_value

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa2b8c20cf493b9d53fc92ddd8270fc8

Headers

File Characteristics

PDB Paths

Imports

cygwin1

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 96B

.rdata Size: 11KB - Virtual size: 10KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 1KB

.edata Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 456B

/4 Size: 512B - Virtual size: 24B

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 96B

.rdata
Size: 11KB - Virtual size: 10KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 456B

/4
Size: 512B - Virtual size: 24B