362f92320c86b049cd89e9e942f1de00N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

362f92320c86b049cd89e9e942f1de00N.exe
Size

148KB
MD5

362f92320c86b049cd89e9e942f1de00
SHA1

91d5bcbb28de296e89b1a4edc80b7f6b26efb168
SHA256

02827cb3daa0e5d8edad118ff6b46509289bb2d567d9c0a7fb8de47fc4d4dfcf
SHA512

05c577e8dab0820b1a6308bbf2b539416d408286ad10167fdf3135383ccb8a61a5532985fe29218c36b343b3af2a688cbe9c8465da2e3913ae4b417fb8b1b3ae
SSDEEP

3072:50Jrs+ZEFwkNJnedvv90lG2lQBV+UdE+rECWp7hKzk:50Jve+oJnel7BV+UdvrEFp7hKzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362f92320c86b049cd89e9e942f1de00N.exe

Files

362f92320c86b049cd89e9e942f1de00N.exe
.exe windows:4 windows x86 arch:x86

bafa290248aca5d293143e971ecf0806

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Pc\바탕 화면\game\1000원\두루미\h_setting\Release\h_setting.pdb

Imports

kernel32

GetSystemInfo
VirtualProtect
HeapSize
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetEndOfFile
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCPInfo
GetOEMCP
GetACP
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleA
GetFileAttributesA
CreateFileA
SetFileTime
CloseHandle
InitializeCriticalSection
FlushFileBuffers
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
GetProcAddress
HeapFree
GetLastError
EnterCriticalSection
LeaveCriticalSection
ReadFile
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle

user32

FillRect
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
AdjustWindowRect
GetDesktopWindow
PostQuitMessage
InvalidateRect
GetDlgItemInt
wsprintfA
MessageBoxA
BeginPaint
EndPaint
DefWindowProcA
CreateWindowExA
SetDlgItemInt
CheckRadioButton
GetDC
SetRect

gdi32

CreatePen
DeleteObject
TextOutA
SetTextColor
MoveToEx
LineTo
GetStockObject

winmm

timeGetTime

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bafa290248aca5d293143e971ecf0806

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 51KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 51KB

.rsrc
Size: 4KB - Virtual size: 16B