bc7b34c13e4c50abb177f46e53d073a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bc7b34c13e4c50abb177f46e53d073a0N.exe
Size

474KB
MD5

bc7b34c13e4c50abb177f46e53d073a0
SHA1

4abfe122e05c17ad9500b3bb516be33a8091ff07
SHA256

e993f6cdfc0701c46de7efa46cd33e6a82da752befb84a8143501fbd6493c572
SHA512

d242dfcd54b719624d529d49185a36fad2d4ef56d5731854bf5ef2c9c9a559df9e918cc931c9cb7c6faeaceff06debdd4174a3106a577212dca0ae754a27658b
SSDEEP

12288:sW7oaIVpP9QYHhFgalGKP0hYHGEBKd/190O:D7ojpyYHbgaYK6YHGE4d99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc7b34c13e4c50abb177f46e53d073a0N.exe

Files

bc7b34c13e4c50abb177f46e53d073a0N.exe
.exe windows:4 windows x86 arch:x86

28183f3c708420e5dbb54489dce3e5f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\ekkwse

Imports

kernel32

TlsSetValue
EnumSystemLocalesA
CreateMutexA
GetCurrentProcessId
MultiByteToWideChar
SetStdHandle
IsValidLocale
HeapReAlloc
SetLastError
DeleteCriticalSection
TlsGetValue
GetLocaleInfoA
GetStartupInfoA
GetEnvironmentStringsW
InterlockedCompareExchange
GetCurrentThreadId
SetWaitableTimer
TerminateProcess
FreeEnvironmentStringsA
GetUserDefaultLCID
GetProcAddress
GetTickCount
GetOEMCP
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualQuery
ContinueDebugEvent
LCMapStringA
HeapDestroy
GetTimeFormatA
EnumResourceTypesA
GetLastError
HeapAlloc
GetStringTypeW
GetCurrentThread
VirtualAlloc
SetHandleCount
FindNextChangeNotification
InitializeCriticalSection
UnhandledExceptionFilter
ReadFile
GetCPInfo
GetTimeZoneInformation
GetPrivateProfileStringA
GetStdHandle
FreeEnvironmentStringsW
GetSystemInfo
ReadFileEx
GetCommandLineA
RtlUnwind
TlsFree
WriteFile
HeapSize
SetEnvironmentVariableA
GetFileType
CompareStringA
LCMapStringW
TlsAlloc
GetLocaleInfoW
IsValidCodePage
CompareStringW
HeapCreate
FlushFileBuffers
SetFilePointer
VirtualFree
GetCurrentProcess
GetModuleHandleA
GetStringTypeA
OpenMutexA
IsBadWritePtr
SystemTimeToFileTime
SetLocalTime
GetDateFormatA
HeapFree
VirtualProtect
VirtualFreeEx
ExitProcess
GetEnvironmentStrings
LeaveCriticalSection
GetVersionExA
EnterCriticalSection
CloseHandle
WideCharToMultiByte
GetACP
GetNamedPipeHandleStateA
InterlockedExchange
LoadLibraryA
lstrcpyn

comctl32

InitCommonControlsEx

user32

CloseClipboard
LoadCursorA
DdeGetData
EnumPropsExW
RegisterClassA
GetTabbedTextExtentW
GetWindowDC
CallNextHookEx
ActivateKeyboardLayout
GetWindowRect
GetProcessWindowStation
RegisterClassExA
GetMenuItemInfoA
LookupIconIdFromDirectory
GetWindowLongW
IsZoomed
PtInRect

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28183f3c708420e5dbb54489dce3e5f8

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 297KB - Virtual size: 296KB

.rdata Size: 65KB - Virtual size: 81KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 297KB - Virtual size: 296KB

.rdata
Size: 65KB - Virtual size: 81KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 7KB - Virtual size: 6KB