b780a1dd23cd0483bf23bc3cf57974d0N[.]exe

General

Target

b780a1dd23cd0483bf23bc3cf57974d0N.exe
Size

474KB
MD5

b780a1dd23cd0483bf23bc3cf57974d0
SHA1

95ff661ecbf92921dd4cff4c29d1757b09639cd7
SHA256

957289067d4b1f251e0a3010edc113360c7518dd8cd0f433f35f90300f330d8f
SHA512

e769a61da5cf969ce4bde1aeb7e38d6b7b791d333d26af9002faa9964da0d752b5d3472f5f2267171de811614d229ba0f9222f38d3ce99ce8f191522c6ea3044
SSDEEP

12288:UiINbNQLtg0nWgd3vDjtNytKJt6orak32GlsvPMZH+m:6PRDorV31lsvPMZem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b780a1dd23cd0483bf23bc3cf57974d0N.exe

Files

b780a1dd23cd0483bf23bc3cf57974d0N.exe
.exe windows:4 windows x86 arch:x86

7509df3c1d8637c721842d732dc328a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
LCMapStringW
MultiByteToWideChar
WriteFile
GetProcAddress
SetEnvironmentVariableA
HeapReAlloc
SetLastError
GetCPInfo
GetVersionExA
GetCurrentProcessId
HeapAlloc
DeleteCriticalSection
GetOEMCP
UnhandledExceptionFilter
GetModuleHandleA
SetHandleCount
SetStdHandle
ExitThread
TlsSetValue
GetStringTypeA
IsValidCodePage
GetCurrentThread
IsBadWritePtr
TlsAlloc
CompareStringW
GetTimeZoneInformation
CreateFileMappingA
InterlockedDecrement
ExitProcess
GetTickCount
ReadConsoleA
IsValidLocale
HeapFree
GetFileType
GetModuleFileNameA
HeapSize
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
VirtualAlloc
GetSystemTime
GetCommandLineA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLastError
GetStartupInfoA
GetSystemInfo
VirtualFree
GetTimeFormatW
LeaveCriticalSection
GetDateFormatA
GetSystemTimeAsFileTime
GetLocaleInfoA
FreeEnvironmentStringsA
CreateSemaphoreW
GetLocaleInfoW
GetStdHandle
EnumSystemLocalesA
WideCharToMultiByte
TlsFree
InitializeCriticalSection
EnterCriticalSection
GetStringTypeW
VirtualProtect
CompareStringA
LCMapStringA
FreeEnvironmentStringsW
GetTimeFormatA
FlushFileBuffers
InterlockedExchange
HeapCreate
GetUserDefaultLCID
GetEnvironmentStrings
TlsGetValue
GetACP

wininet

FtpOpenFileW
InternetQueryOptionW
InternetDial
FindFirstUrlCacheContainerA
GetUrlCacheConfigInfoA
InternetReadFile
InternetInitializeAutoProxyDll

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7509df3c1d8637c721842d732dc328a5

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 150KB - Virtual size: 150KB

.data Size: 309KB - Virtual size: 308KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 150KB - Virtual size: 150KB

.data
Size: 309KB - Virtual size: 308KB

.rsrc
Size: 14KB - Virtual size: 13KB