1a58f09c58aa21cf4ffc9f7acf3a8c60N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1a58f09c58aa21cf4ffc9f7acf3a8c60N.exe
Size

14KB
MD5

1a58f09c58aa21cf4ffc9f7acf3a8c60
SHA1

63620d695ebf4169258e88a2008d9bd66133f293
SHA256

5a8118f100f81522e86954b7d93cb33802e7a5d6c2d30b8ee22a5d353c2d6b3c
SHA512

ed8f0da68dec1cee46289a2848d72d1f39849e3cfb05737f57441905f3ddfb98d9120b4f9965472c894e4df44231cd32a77cd9c0775268822bfee97e12238725
SSDEEP

384:G2CX2s64vujHx81uKJx8KA4nPVLjLyRjtH:G2CGVj2j0KbndLj+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a58f09c58aa21cf4ffc9f7acf3a8c60N.exe

Files

1a58f09c58aa21cf4ffc9f7acf3a8c60N.exe
.dll windows:5 windows x86 arch:x86

743e1f3c1c38ede732b42691222c659d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\lib64ocx\lame-3.100\lame-3.100\output\Release\lame_enc_dll.pdb

Imports

libmp3lame

ord25
ord126
ord139
ord59
ord83
ord81
ord55
ord51
ord49
ord47
ord103
ord14
ord42
ord5
ord77
ord6
ord75
ord18
ord4
ord1
ord165
ord105
ord107
ord111
ord72
ord15
ord41
ord23
ord89
ord91
ord93
ord95
ord119
ord121
ord125
ord56
ord48
ord50
ord52
ord27
ord60
ord123
ord117
ord58
ord9
ord76
ord78
ord80
ord82
ord84
ord86
ord97
ord99
ord79
ord101
ord66
ord68
ord70
ord150
ord7
ord148
ord149
ord145
ord19
ord164
ord154
ord155
ord22
ord24
ord57
ord45

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetPrivateProfileIntA
GetModuleFileNameA
OutputDebugStringA
GetCurrentProcessId

user32

MessageBoxA

msvcr100

_except_handler4_common
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
malloc
fwrite
free
memcpy
fseek
strncmp
fread
strncpy
atoi
memset
_vsnprintf
fopen
fputs
fclose
_onexit

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

743e1f3c1c38ede732b42691222c659d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libmp3lame

kernel32

user32

msvcr100

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 892B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 834B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 892B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 834B