2a14cdc9c4bef72295b9b8e58739b630N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2a14cdc9c4bef72295b9b8e58739b630N.exe
Size

51KB
MD5

2a14cdc9c4bef72295b9b8e58739b630
SHA1

f466e8b497bde481058d072dd535d600eec0fb56
SHA256

93322e6b2c614bc2616acfa0961011325af2f36d33a2682fd3b90514abb33f56
SHA512

28e4239737a397fbdcb4b4442bf20c57e6992b7c989bac2bb394cb3aa8dbe454a76d5b95c8c3621deb1678ace4222ba24e9a34bdd94c6033db76c6724b52bee9
SSDEEP

768:12lSdU8Ww8ivBSK0kIMA4HT39+51FlOukUI/IX1g73P2V19Ip7:124dU8WwLv4K0/ps9+51E9iIp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a14cdc9c4bef72295b9b8e58739b630N.exe

Files

2a14cdc9c4bef72295b9b8e58739b630N.exe
.exe windows:5 windows x64 arch:x64

2c846b069d5d52230b926c4b47e04b14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

j:\test\apprutil\objfre_wnet_AMD64\amd64\HPprutil.pdb

Imports

msvcrt

printf
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_fgetchar
_iob
fflush
atoi
_strlwr
_CxxThrowException
??0exception@@QEAA@AEBV0@@Z
_strnicmp
atol
_wcsdup
wcstok
_strdup
strstr
strtok
??2@YAPEAX_K@Z
__CxxFrameHandler
??3@YAXPEAX@Z
strncpy
memcpy
exit
memset
sprintf
free
malloc
_itoa
_callnewh

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@PEBDAEBV?$allocator@D@1@@Z
??0out_of_range@std@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@XZ
??1out_of_range@std@@UEAA@XZ
??0out_of_range@std@@QEAA@AEBV01@@Z
?nothrow@std@@3Unothrow_t@1@B
??0Init@ios_base@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??0logic_error@std@@QEAA@AEBV01@@Z

kernel32

GetCurrentProcess
SetLastError
DeviceIoControl
CreateFileA
Sleep
GetLastError
WideCharToMultiByte
QueryDosDeviceA
CreateThread
CreateSemaphoreA
GetVersionExA
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseHandle
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

oleaut32

SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
VariantInit
SysFreeString

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c846b069d5d52230b926c4b47e04b14

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

msvcp60

kernel32

setupapi

oleaut32

ole32

Sections

.text Size: 46KB - Virtual size: 45KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 46KB - Virtual size: 45KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1008B