90d26ff8593edd5d9c92562154b08510N[.]exe

General

Target

90d26ff8593edd5d9c92562154b08510N.exe
Size

489KB
MD5

90d26ff8593edd5d9c92562154b08510
SHA1

21d8605b0a045692b38f85b3c4d5b17bcb38aa10
SHA256

d1e7bc718ebc1ac6bf1821d8d62e022921d650b2a4c9fafcc55263350fa9a1dd
SHA512

10c42657b6d810a039149db5774f11253af34cbe664f68dc3f4129611e3733f9b429214b04cbcef1c67f081bb11d0e86168d9876bb9dfbe218132caf38c905d8
SSDEEP

12288:pvn62AKmspwfJwEdQqaemippctIrAOa4ag:B62AKmspanBanipitV4r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90d26ff8593edd5d9c92562154b08510N.exe

Files

90d26ff8593edd5d9c92562154b08510N.exe
.exe windows:4 windows x86 arch:x86

bebd0f3473bf10f44989cfccc5ca3aa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
SetHandleCount
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetProcAddress
Sleep
HeapReAlloc
TlsFree
GetFileType
IsDebuggerPresent
GetCurrentProcessId
HeapAlloc
GetCPInfo
GetTimeFormatA
WideCharToMultiByte
GetModuleHandleA
TlsAlloc
GetDiskFreeSpaceW
EnumSystemLocalesA
VirtualFree
HeapCreate
MultiByteToWideChar
GetLocaleInfoA
LeaveCriticalSection
TlsGetValue
GetACP
InterlockedDecrement
FreeEnvironmentStringsW
OpenSemaphoreW
ExitProcess
GetTickCount
FreeEnvironmentStringsA
SetConsoleCtrlHandler
HeapFree
GetStartupInfoA
GetModuleFileNameA
LCMapStringA
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
CompareStringW
GetLastError
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStdHandle
GetTimeZoneInformation
HeapSize
WriteFile
EnterCriticalSection
SetLastError
GetLocaleInfoW
GetSystemTimeAsFileTime
GetStringTypeA
GetDateFormatA
CompareStringA
GetStringTypeW
GetUserDefaultLCID
GetCurrentThread
UnhandledExceptionFilter
TlsSetValue
LCMapStringW
GetCommandLineA
HeapDestroy
GetModuleHandleW
FreeLibrary
SetEnvironmentVariableA
GetEnvironmentStrings
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedExchange
IsValidCodePage
InterlockedIncrement

shell32

DragAcceptFiles
SHGetPathFromIDListW
SHFreeNameMappings

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bebd0f3473bf10f44989cfccc5ca3aa4

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 166KB - Virtual size: 165KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 166KB - Virtual size: 165KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 10KB - Virtual size: 10KB