682b0a4098ddf46c612c8a94734e2690N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

682b0a4098ddf46c612c8a94734e2690N.exe
Size

19KB
MD5

682b0a4098ddf46c612c8a94734e2690
SHA1

9d0ecd456cc54de447569dea6f3772cb273c0ead
SHA256

70502e72369ab5b72e87fa7ecb14ab6f415700ebb077371ccfc72bfe69f41751
SHA512

23ba88cc77f785167a0855263f29c839dcbd26c16a8851fbdb590f3c3f86461e258b6723a390d44fb8f420e0f725268015cdb2a2dc14180e04c7b00bbf2e35ba
SSDEEP

192:UXW2RWcdg+ybcB0XSDp61JeegIM07hltCYLBexGSzxzh5qWCsCyVxY7Wyc:aRDg+ybw0XSlIL/nP7MFNvCyVWC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
682b0a4098ddf46c612c8a94734e2690N.exe

Files

682b0a4098ddf46c612c8a94734e2690N.exe
.dll windows:6 windows x64 arch:x64

e73e850d28a8b9137f599e9eeee15b8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\user\Desktop\test\x64\Release\CReflectiveLoader.pdb

Imports

user32

MessageBoxA

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

GetSystemTimeAsFileTime
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

?sfYFlzXB@@YA_KXZ

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e73e850d28a8b9137f599e9eeee15b8c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 456B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 44B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 456B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 44B