13baf95cd99e373f570ba210ff5dc369ba9e01f1c19d68793f835e2d3facf5f0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

13baf95cd99e373f570ba210ff5dc369ba9e01f1c19d68793f835e2d3facf5f0.exe
Size

51KB
MD5

16488dfa545ffd7eb18ab64f2308194c
SHA1

2bf35356a3032f3a0bfba10ad7af71310e5cfedd
SHA256

13baf95cd99e373f570ba210ff5dc369ba9e01f1c19d68793f835e2d3facf5f0
SHA512

24d385153698b7fc7023b9530526f5bc9dd6c6eae57b1cebbeebebab6b5850043416dcd46eefe4d1d624692c63931458eb3d234df74cffe47c3cc29c6fb34d87
SSDEEP

768:sim8I+PBvE5atoKjCL3lrWuD9Oj0Og3nyXgwGAzMWIfigLfMgfiz:sl8I+ZMPtD9Oj0Og3yXgPkyTLfyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13baf95cd99e373f570ba210ff5dc369ba9e01f1c19d68793f835e2d3facf5f0.exe

Files

13baf95cd99e373f570ba210ff5dc369ba9e01f1c19d68793f835e2d3facf5f0.exe
.exe windows:4 windows x64 arch:x64

3fdd38a484313488a04c49a2605a1eb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\users\mac\documents\visual studio 2005\projects\test12\x64\release\test12.pdb

Imports

kernel32

HeapCreate
GetProcAddress
HeapAlloc
FreeConsole
LoadLibraryA
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetDC

gdi32

EnumObjects

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fdd38a484313488a04c49a2605a1eb8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 176B