b69d3ee78c5f25f017240b719c65a9e0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b69d3ee78c5f25f017240b719c65a9e0N.exe
Size

384KB
MD5

b69d3ee78c5f25f017240b719c65a9e0
SHA1

a5d8559ed21d4de6fd2298df138466be524eae3f
SHA256

ebf9320f77e8f154cf6f26b6784cd1d880346da852bedf96cd2f605b562d5ddb
SHA512

b2558adf8a913c57f7c65e7ec856e1eb9dcc74adfb871db39cab24ca26a65849ed02d37c94148e45d0be13b94b5f718ae8874587f9d064e41635f2e13834b0fc
SSDEEP

6144:UlWJCCL9SNeyaVPqGhmb7SeJyMyqmbAe7MJ5RsYtnil0YBdlAOcl7lbS6pihpqgF:5xcNMVyGh8+eAMyqOfMJftirdly7lbSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b69d3ee78c5f25f017240b719c65a9e0N.exe

Files

b69d3ee78c5f25f017240b719c65a9e0N.exe
.dll windows:6 windows x86 arch:x86

b7c8993f10dec27599332ce85a1de38a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gnsdk_fp.pdb

Imports

kernel32

Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcess
GetProcAddress
LoadLibraryA
CloseHandle
RaiseException
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetCurrentThreadId
SetThreadPriority
FileTimeToLocalFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
CreateFileW
WriteConsoleW
DecodePointer
DeleteFileW
GetFileAttributesW
GetFileSize
MoveFileW

Exports

Exports

g_gcsl_log_callback
g_gcsl_log_enabled_pkgs
g_gcsl_signal_callback
g_gcsl_thread_registrants
g_gcsl_thread_store_key
gcsl_fs_marker_end
gcsl_fs_marker_initialize
gcsl_fs_marker_start
gcsl_memory_alloc
gcsl_memory_alloc2
gcsl_memory_alloc_count
gcsl_memory_alloc_max
gcsl_memory_alloc_trace
gcsl_memory_alloc_trace_set
gcsl_memory_calloc
gcsl_memory_calloc2
gcsl_memory_checkpoint_report
gcsl_memory_checkpoint_set
gcsl_memory_dup
gcsl_memory_dup2
gcsl_memory_free
gcsl_memory_heap_dump
gcsl_memory_heap_max
gcsl_memory_heap_now
gcsl_memory_heap_warn
gcsl_memory_initialize
gcsl_memory_marker_end
gcsl_memory_marker_initialize
gcsl_memory_marker_start
gcsl_memory_memcmp
gcsl_memory_memcpy
gcsl_memory_memmove
gcsl_memory_memset
gcsl_memory_name_set
gcsl_memory_realloc
gcsl_memory_realloc2
gcsl_memory_register_provider_interface
gcsl_memory_shutdown
gcsl_memory_sizeof
gcsl_time_marker_end
gcsl_time_marker_initialize
gcsl_time_marker_start
gnsdk_fp_data_addref
gnsdk_fp_data_get_info
gnsdk_fp_data_release
gnsdk_fp_data_render
gnsdk_fp_fingerprinter_audio_create
gnsdk_fp_fingerprinter_audio_done
gnsdk_fp_fingerprinter_audio_write
gnsdk_fp_fingerprinter_audio_write_ex
gnsdk_fp_fingerprinter_release
gnsdk_fp_fingerprinter_video_create
gnsdk_fp_fingerprinter_video_done
gnsdk_fp_fingerprinter_video_write
gnsdk_fp_get_build_date
gnsdk_fp_get_version
gnsdk_fp_initialize
gnsdk_fp_shutdown
gnsdk_fp_string_free

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c8993f10dec27599332ce85a1de38a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 17KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 149KB - Virtual size: 148KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 17KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 149KB - Virtual size: 148KB