bdb8306cab7ae2ffc504fe7d31b38440N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

bdb8306cab7ae2ffc504fe7d31b38440N.exe
Size

442KB
MD5

bdb8306cab7ae2ffc504fe7d31b38440
SHA1

a35a409910f3c8cbf623bb43ad9d785815392bb7
SHA256

538ccd8bedb505f960235867ff9030d2f8e05eb10727dcbe962bab1281adf68e
SHA512

c5f222f7f875399713f39aaa0e9a764beafc5bea83919db7164e29cd9a2a50cb9b17327e92b5199f07bd6c3847b83b9c5e3939b80a793edf77815707d7603ee5
SSDEEP

12288:+WowdeAw1D3T9c4Tq/LnIwKh2IZKl0ruf0/V2:+WM6HrIwKfvuH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdb8306cab7ae2ffc504fe7d31b38440N.exe

Files

bdb8306cab7ae2ffc504fe7d31b38440N.exe
.exe windows:4 windows x86 arch:x86

1c1e26b48f59bb7b36d3a8177666cc66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetUserDefaultLCID
HeapDestroy
SetEnvironmentVariableA
GetProcAddress
HeapSize
HeapReAlloc
SetLastError
MultiByteToWideChar
GetLastError
GetCurrentProcessId
Sleep
SleepEx
FreeEnvironmentStringsA
TlsAlloc
VirtualFree
InitializeCriticalSectionAndSpinCount
GetProfileIntA
TlsFree
WideCharToMultiByte
GetACP
TlsSetValue
FormatMessageA
GetStdHandle
InterlockedIncrement
SetEvent
GetDateFormatA
WaitForSingleObjectEx
GetSystemTime
ExitProcess
GetTickCount
SetConsoleOutputCP
SetUnhandledExceptionFilter
HeapFree
CompareStringW
GetModuleFileNameA
GetModuleHandleW
LoadLibraryA
QueryPerformanceCounter
CompareStringA
VirtualAlloc
GetUserDefaultLangID
DebugActiveProcess
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
DeleteCriticalSection
FreeEnvironmentStringsW
GetCommandLineA
LCMapStringW
TlsGetValue
HeapCreate
GetEnvironmentStrings
GetSystemTimeAsFileTime
EnterCriticalSection
GetCompressedFileSizeW
GetOEMCP
EnumSystemLocalesA
FreeLibrary
OpenFileMappingW
SetConsoleCtrlHandler
IsDebuggerPresent
GetStartupInfoA
GetFileType
GetCPInfo
LeaveCriticalSection
CreateMutexW
GetTimeFormatA
SetHandleCount
GetCurrentThread
ConvertDefaultLocale
InterlockedExchange
GetLocaleInfoA
WriteFile
UnlockFile
IsValidCodePage
GetNumberFormatA
GetTimeZoneInformation
InterlockedDecrement
GetStringTypeW
HeapAlloc
LCMapStringA
GetVolumeInformationW
lstrcatA
GetStringTypeA
VirtualQuery
GetModuleHandleA
IsValidLocale
GetEnvironmentStringsW

shell32

SHLoadInProc
ExtractAssociatedIconExW
ShellHookProc
DragQueryFileA
SHGetSettings
SHGetDataFromIDListA
SHFileOperationA
RealShellExecuteA
InternalExtractIconListA
SHGetDesktopFolder
FindExecutableA
SHGetDiskFreeSpaceA
SHGetFileInfoA

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c1e26b48f59bb7b36d3a8177666cc66

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 157KB - Virtual size: 156KB

.data Size: 276KB - Virtual size: 304KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 157KB - Virtual size: 156KB

.data
Size: 276KB - Virtual size: 304KB

.rsrc
Size: 8KB - Virtual size: 7KB