48e557481b8c4d27d4fb13dfc043a3a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

48e557481b8c4d27d4fb13dfc043a3a0N.exe
Size

423KB
MD5

48e557481b8c4d27d4fb13dfc043a3a0
SHA1

83d15b27ceed7ac00a54fb219a8320838c2b311b
SHA256

4fab2f2e81214540746086bf34f0b1c90f66f3571217203d4338c708d54e3c06
SHA512

feb800abe035928e7e01f9b990b7f3056c75a97bf26ba2c3051efae2b477697d99839320f4e41b0ea7c319291600d2a6f65898b33260ecb5b19e3fa6f8262a15
SSDEEP

12288:CYA7xXPC4j9PnL5v2fqYWQfYHStvzgERaFbwi4Z+:NyZCm9PL5eC5RybRaFH4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48e557481b8c4d27d4fb13dfc043a3a0N.exe

Files

48e557481b8c4d27d4fb13dfc043a3a0N.exe
.exe windows:4 windows x86 arch:x86

ae194479164194a99bf67252e0de195d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetACP
SetLastError
EnumSystemLocalesA
RtlUnwind
GetVersionExA
EnterCriticalSection
GetCurrentProcess
GetStringTypeW
VirtualAlloc
TlsGetValue
MultiByteToWideChar
HeapReAlloc
GetStartupInfoA
GetConsoleTitleW
GetOEMCP
GetDateFormatA
TlsFree
GetModuleFileNameA
GetEnvironmentStringsW
GetUserDefaultLCID
ExitProcess
GetLocaleInfoA
GetTimeZoneInformation
HeapSize
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
GetCurrentThread
IsValidLocale
QueryPerformanceCounter
SetHandleCount
VirtualProtect
CompareStringA
VirtualFree
GetCurrentThreadId
GetCommandLineW
HeapAlloc
GetStdHandle
HeapFree
SetCurrentDirectoryW
TlsSetValue
GetCurrentProcessId
DeleteCriticalSection
HeapCreate
GetTimeFormatA
WriteFile
IsValidCodePage
GetCommandLineA
GetLocaleInfoW
HeapDestroy
GetEnvironmentStrings
LeaveCriticalSection
WideCharToMultiByte
GlobalSize
FreeEnvironmentStringsA
GetModuleHandleA
ReadConsoleOutputW
GetLastError
CompareStringW
WritePrivateProfileStringW
UnhandledExceptionFilter
OpenEventW
IsBadWritePtr
GetCPInfo
InitializeCriticalSection
GetProcAddress
GetModuleFileNameW
GetStartupInfoW
FreeEnvironmentStringsW
SetEnvironmentVariableA
InterlockedExchange
LCMapStringA
TerminateProcess
GetStringTypeA
VirtualQuery
LCMapStringW
TlsAlloc
VirtualUnlock

user32

DdeGetLastError
CharLowerA
GetDlgItemInt
SendIMEMessageExA
FillRect
MonitorFromRect
OpenDesktopW
IsCharUpperA
IsRectEmpty
IsCharAlphaNumericA
BeginDeferWindowPos
InSendMessage
IsCharAlphaW
SetUserObjectInformationA
AttachThreadInput
LookupIconIdFromDirectoryEx
SetMenuItemInfoA
DestroyIcon

comdlg32

ChooseColorA
FindTextA
PageSetupDlgA
GetSaveFileNameA
PrintDlgW
ChooseFontW
FindTextW
PageSetupDlgW
GetSaveFileNameW
ChooseColorW
LoadAlterBitmap
GetOpenFileNameW
ReplaceTextW
ChooseFontA
GetOpenFileNameA

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae194479164194a99bf67252e0de195d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Sections

.text Size: 143KB - Virtual size: 143KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 143KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 5KB - Virtual size: 4KB