4be0255a458657c50e9e86720c7c02f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4be0255a458657c50e9e86720c7c02f0N.exe
Size

836KB
MD5

4be0255a458657c50e9e86720c7c02f0
SHA1

245e9d4b1c651797b3c7b1f9a39a252e60cf9058
SHA256

0a8d35848b20608709bc5f11c296587badfc10917267751bee8fc9ecb68a447e
SHA512

27e6061664a24693ae347d5ed45d6991747f74dcd07992112d127f343fa9fad1df76ebe790be394cf44978bd4969cb31069c202d3163e6e5fcd5ad932a859ebd
SSDEEP

12288:TvqT62UAkY+67Qi2UKnJ5FygQhM5p7eDuUl+eDuUlFPNQjD6X:TiT6pzY+67YJb/Q+p7vwPNumX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4be0255a458657c50e9e86720c7c02f0N.exe

Files

4be0255a458657c50e9e86720c7c02f0N.exe
.exe windows:4 windows x86 arch:x86

6a48c9ec0c3183dd34bd33a4c6b8b855

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetLastError
GetModuleHandleA
QueryDosDeviceA
GetDriveTypeA
MultiByteToWideChar
lstrlenA
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
FreeLibrary
GetCurrentProcess
SetLastError
LockResource
LoadResource
FindResourceExA
FindResourceA
GetCommandLineA
CloseHandle
lstrcmpiA
GetVersionExA
GetSystemInfo
GetSystemDirectoryA
GlobalMemoryStatus
GetDiskFreeSpaceA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
TerminateProcess
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GlobalFree
GlobalAlloc
DeleteFileA
lstrcmpA
FlushFileBuffers
CreateFileA
lstrcatA
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
OutputDebugStringA
WriteFile
LocalFree
FormatMessageA
GetSystemDefaultLangID
ResumeThread
SetThreadAffinityMask
CreateThread
GetProcessAffinityMask
GetUserDefaultLangID
WideCharToMultiByte
MoveFileA
Sleep
CompareFileTime
GetFileTime
OpenFile
GetPrivateProfileStringA
WritePrivateProfileStringA
GetEnvironmentVariableA
GetShortPathNameA
GetLocaleInfoA
CreateMutexA
OpenMutexA
LocalAlloc
InterlockedExchange
RaiseException
GlobalUnlock
GlobalLock
lstrcpyA
GlobalFindAtomA
GlobalGetAtomNameA
GetVersion
InterlockedDecrement
lstrlenW
MulDiv
InterlockedIncrement
lstrcpynA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetThreadLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentThread
DuplicateHandle
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject

olepro32

ord253

oleaut32

SysStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantTimeToSystemTime
SysFreeString
SysAllocStringLen
VariantClear
SysAllocString

Sections

.text
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a48c9ec0c3183dd34bd33a4c6b8b855

Headers

File Characteristics

Imports

kernel32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 376KB - Virtual size: 374KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 48KB - Virtual size: 130KB

.rsrc Size: 336KB - Virtual size: 336KB

.text
Size: 376KB - Virtual size: 374KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 48KB - Virtual size: 130KB

.rsrc
Size: 336KB - Virtual size: 336KB