3f9e7b607e863d31f836431360937670N[.]exe

General

Target

3f9e7b607e863d31f836431360937670N.exe
Size

273KB
MD5

3f9e7b607e863d31f836431360937670
SHA1

514c9d2c688a52c28567295279d48c9d6db4a7f4
SHA256

39233c94708d05cf1c457a0d3fdfd07f20b98eecc492aabbc5f15d97a37b45aa
SHA512

edd4b36b5522ee0a480718d0cd16f9ef45130a878810be6b17d7d7d9c7ee458d55084dfae0b37f94d55bf277180de9c77e8bc2cbfee742a64fd3d5dae914da80
SSDEEP

6144:wOpNB/RWd0wDqnmegPjVgvBaAwgM21JNXOA3Fq0:wwo0wDqn1gWEkmoP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f9e7b607e863d31f836431360937670N.exe

Files

3f9e7b607e863d31f836431360937670N.exe
.exe windows:4 windows x86 arch:x86

e2b29a35179232abbc0297089aeb6a0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
SetEnvironmentVariableA
SetLastError
GetEnvironmentStringsW
GetProcAddress
SetUnhandledExceptionFilter
HeapReAlloc
TlsAlloc
GetFileType
InterlockedIncrement
GetCurrentProcessId
HeapAlloc
GetCPInfo
GetTimeFormatA
VirtualFree
GetModuleHandleA
Sleep
RemoveDirectoryA
EnumSystemLocalesA
UnhandledExceptionFilter
GetVersionExA
LeaveCriticalSection
GetLocaleInfoA
LCMapStringW
TlsFree
GetACP
InitializeCriticalSection
FreeEnvironmentStringsW
GetShortPathNameW
ExitProcess
GetTickCount
FreeEnvironmentStringsA
MultiByteToWideChar
HeapFree
GetStartupInfoA
GetModuleFileNameA
IsValidLocale
LoadLibraryA
QueryPerformanceCounter
GetProcessHeap
VirtualAlloc
CompareStringW
GetLastError
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStdHandle
GetTimeZoneInformation
HeapDestroy
WideCharToMultiByte
EnterCriticalSection
SetHandleCount
GetLocaleInfoW
GetSystemTimeAsFileTime
GetStringTypeA
GetDateFormatA
CompareStringA
GetStringTypeW
GetUserDefaultLCID
GetCurrentThread
TlsSetValue
TlsGetValue
LCMapStringA
GetCommandLineA
HeapCreate
WriteFile
FreeLibrary
SetConsoleCtrlHandler
GetEnvironmentStrings
HeapSize
DeleteCriticalSection
InterlockedExchange
IsDebuggerPresent
InterlockedDecrement
GetOEMCP

wininet

RunOnceUrlCache
FindFirstUrlCacheContainerA
HttpQueryInfoA
FindNextUrlCacheGroup
InternetQueryFortezzaStatus
SetUrlCacheEntryGroupA
GetUrlCacheEntryInfoExA
FtpCommandW
InternetAlgIdToStringW
FtpSetCurrentDirectoryA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2b29a35179232abbc0297089aeb6a0b

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 139KB - Virtual size: 138KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 139KB - Virtual size: 138KB

.rsrc
Size: 3KB - Virtual size: 3KB