3afb595d3ca432019a7e49fa91457fa0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3afb595d3ca432019a7e49fa91457fa0N.exe
Size

447KB
MD5

3afb595d3ca432019a7e49fa91457fa0
SHA1

b4c92917923e0ff2876b8f6bb466609170c7c1a5
SHA256

a9fe79c01f9d947b72ce9699a9bd52877ebc96536c3bbb528118b59b67c5bfa7
SHA512

5f8c8eb09c242c7a2c712b3c070b0901a411b6b41b5c6c235c15dd78693092dcd083a3672a6e70d4010a7eecd1df9b69757bc2d76102a0adf4d93e04a52b60d0
SSDEEP

6144:Y2z3QLSYmv5VkAq4Ntlm1li7M/yr0xnFG3ljnfYopUOXD8QYtgfFWObIjW8DUadu:NeY2a0tnQ31dGwg83IjDDU4daa1xZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3afb595d3ca432019a7e49fa91457fa0N.exe

Files

3afb595d3ca432019a7e49fa91457fa0N.exe
.exe windows:4 windows x86 arch:x86

42c1a59a71e5b06e7fa2af3257445433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetFileTime
FindFirstFileExW
lstrcmpA
RtlUnwind
LeaveCriticalSection
WriteConsoleOutputW
GetCurrentProcess
GetVersion
VirtualAlloc
TlsSetValue
WriteFile
HeapReAlloc
GetModuleFileNameW
DeleteAtom
GetLastError
FreeEnvironmentStringsA
InterlockedExchange
GetModuleFileNameA
GetCommandLineA
IsBadWritePtr
ExitProcess
GetEnvironmentStrings
InitializeCriticalSection
SetLastError
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapCreate
DeleteCriticalSection
TlsGetValue
QueryPerformanceCounter
LocalReAlloc
UnhandledExceptionFilter
OpenEventW
VirtualQuery
GetCurrentThreadId
GetPrivateProfileSectionW
HeapAlloc
GetStartupInfoW
HeapFree
WriteProfileStringA
TerminateProcess
GetCurrentProcessId
CloseHandle
MultiByteToWideChar
HeapDestroy
GetCPInfo
TlsFree
GlobalGetAtomNameW
GetEnvironmentStringsW
SetHandleCount
FreeEnvironmentStringsW
VirtualFree
GetStartupInfoA
EnterCriticalSection
FindResourceExA
GetModuleHandleA
OpenFileMappingA
GetCurrentThread
GetPrivateProfileStringA
GetLongPathNameA
GetStdHandle
SetConsoleTextAttribute
GetConsoleMode
TerminateThread
TlsAlloc
GetProcAddress
GetFileType

advapi32

CryptImportKey
AbortSystemShutdownA
LookupPrivilegeDisplayNameA
CryptAcquireContextA
ReportEventW
CryptGetHashParam
CryptSignHashA
CryptExportKey
CryptEnumProviderTypesW
LookupPrivilegeValueW
RegCreateKeyW
CryptDeriveKey
RegEnumKeyW

user32

GetMenuDefaultItem
GetUserObjectSecurity
SetMenuContextHelpId
MapVirtualKeyExA
RegisterDeviceNotificationA
ReleaseDC
SetWindowPos
GetWindowTextLengthW
CreateCursor
IsDialogMessage
CloseDesktop
HideCaret
GetWindowTextA
GetTabbedTextExtentW
EnumDisplayDevicesW
PostMessageW
GetWindowDC

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42c1a59a71e5b06e7fa2af3257445433

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 130KB - Virtual size: 129KB

.data Size: 303KB - Virtual size: 302KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 130KB - Virtual size: 129KB

.data
Size: 303KB - Virtual size: 302KB

.rsrc
Size: 13KB - Virtual size: 12KB