ec1fa07390e79e9a393ae55ee69de520N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ec1fa07390e79e9a393ae55ee69de520N.exe
Size

399KB
MD5

ec1fa07390e79e9a393ae55ee69de520
SHA1

f3c2f73f0ae4f75f954a2e56650e19b8030bb3c0
SHA256

f364869b8e6f92574b9d439988a77b0bbbcc35b87e017fef3efe6cef951b3ce0
SHA512

5e76499c1e4801b05b7aa989c58e9e8d00da87d7557dc4c13f7a4885e982013aa7527d118c59678ece4b7cb79118177b01319758c09c36366db7d825a5bd4eb1
SSDEEP

12288:jzekhQqKIMCO4RGxPTM3t0gHrbFtubHzw79oqAul37FR:jzTQqKI3O4kPTMd04X/ubHzwbAuh7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec1fa07390e79e9a393ae55ee69de520N.exe

Files

ec1fa07390e79e9a393ae55ee69de520N.exe
.dll windows:6 windows x86 arch:x86

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u281\880\build\windows-i586\jdk\objs\libsplashscreen\splashscreen.pdb

Imports

kernel32

IsDebuggerPresent
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetTickCount
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException

gdi32

CreatePalette
CreateDIBSection
StretchDIBits
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExtCreateRegion
DeleteObject
DeleteDC
CombineRgn
CreateCompatibleDC
CreateRectRgn

vcruntime140

memset
memcmp
_except_handler4_common
__std_type_info_destroy_list
longjmp
_setjmp3
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

fgetc
fopen
fread
fclose
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
ungetc

api-ms-win-crt-string-l1-1-0

_stricmp
strlen
strncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_errno
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

floor
pow
_except1

Exports

Exports

SplashClose
SplashGetScaledImageName
SplashInit
SplashLoadFile
SplashLoadMemory
SplashSetFileJarName
SplashSetScaleFactor
_JNI_OnLoad@8
_Java_java_awt_SplashScreen__1close@16
_Java_java_awt_SplashScreen__1getBounds@16
_Java_java_awt_SplashScreen__1getImageFileName@16
_Java_java_awt_SplashScreen__1getImageJarName@16
_Java_java_awt_SplashScreen__1getInstance@8
_Java_java_awt_SplashScreen__1getScaleFactor@16
_Java_java_awt_SplashScreen__1isVisible@16
_Java_java_awt_SplashScreen__1setImageData@20
_Java_java_awt_SplashScreen__1update@40

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 228KB - Virtual size: 228KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 228KB - Virtual size: 228KB