4a7251b888476db7e104e6d0f0a7cb70N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4a7251b888476db7e104e6d0f0a7cb70N.exe
Size

269KB
MD5

4a7251b888476db7e104e6d0f0a7cb70
SHA1

c138ac93780f3cf3919f43ca42d23013852308db
SHA256

0be2ee688610b8298cc1cf1d8674995af8b1eba6c7740c720e3a2084e3ada936
SHA512

e14f481aadfc5697c78c952d4bf67d31f846a6d4f3b44cdaf638d36e1a31f32300d4e40ebe762c90c87573a81de6a8802d4e197310362c247e92edc9bd2bd442
SSDEEP

6144:O9h8gi6xPbE4yKRb0TrodItUTfPBAPWl:Ei6hXdwKxwG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a7251b888476db7e104e6d0f0a7cb70N.exe

Files

4a7251b888476db7e104e6d0f0a7cb70N.exe
.exe windows:4 windows x86 arch:x86

f52ee05fb2866eab3d17040567ca8501

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetVolumeInformationW
GetVersionExA
LockFile
RtlUnwind
GetLastError
GetComputerNameW
GetCurrentProcess
GetCurrentThread
VirtualAlloc
HeapSize
GetTimeZoneInformation
HeapReAlloc
FreeEnvironmentStringsW
GetDiskFreeSpaceExW
FreeEnvironmentStringsA
SetLastError
HeapDestroy
GetModuleFileNameA
EnumDateFormatsExA
GetFileType
ExitProcess
DeleteCriticalSection
GetEnvironmentStringsW
GetOEMCP
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetDateFormatA
OpenProcess
GetStringTypeA
QueryPerformanceCounter
SetHandleCount
IsValidLocale
lstrcat
IsValidCodePage
MultiByteToWideChar
Sleep
HeapAlloc
GetCPInfo
HeapFree
WaitForMultipleObjectsEx
WideCharToMultiByte
GetCurrentProcessId
VirtualFree
GetLocaleInfoA
WriteFile
LCMapStringW
GetStdHandle
VirtualLock
EnterCriticalSection
GetLocaleInfoW
HeapValidate
TlsGetValue
LCMapStringA
DeleteFileW
GetThreadPriority
VirtualProtect
TlsSetValue
TlsFree
EnumDateFormatsW
UnhandledExceptionFilter
IsBadWritePtr
GetCurrencyFormatW
GlobalUnfix
FormatMessageW
GetStartupInfoA
GetProcAddress
EnumSystemLocalesA
GetACP
SetConsoleMode
GetUserDefaultLCID
InterlockedExchange
GetStringTypeW
TlsAlloc
GetCommandLineA
VirtualQuery
SetEnvironmentVariableA
LeaveCriticalSection
FoldStringW
HeapCreate
GetCurrentThreadId
GetSystemInfo
GlobalFindAtomA
TerminateProcess
CompareStringW
GetTimeFormatA
CreateSemaphoreW
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStrings

advapi32

InitiateSystemShutdownA
CryptEnumProvidersW
CryptDuplicateKey
RegLoadKeyW
CreateServiceA

gdi32

GetICMProfileA
TranslateCharsetInfo
SetBrushOrgEx
Polyline
OffsetViewportOrgEx
MoveToEx
CreateEnhMetaFileA
GetCharWidth32A
GetEnhMetaFileA
SetPixel
StretchDIBits
InvertRgn

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f52ee05fb2866eab3d17040567ca8501

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 136KB - Virtual size: 135KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 136KB - Virtual size: 135KB

.rsrc
Size: 11KB - Virtual size: 11KB