Static task: static1
Behavioral task: behavioral1
Sample: 000ba1f419d46916ed9a41e087ac6e70N.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 000ba1f419d46916ed9a41e087ac6e70N.exe
Resource: win10v2004-20240802-en
General
Target: 000ba1f419d46916ed9a41e087ac6e70N.exe
Size: 76KB
MD5: 000ba1f419d46916ed9a41e087ac6e70
SHA1: 5bd3df9d41576c89b27e17dfdefffb67bd7688e6
SHA256: a972a90d5422b4ade6da9e31bb392f2eb59dca09eec194c96d093d15254ad3ba
SHA512: 7c0853e3530130418abb77e3f35d160a2e96f59c52aa0dd1e77274a8d183320c3e67bb41d059cc2abe7861627a8aabc95417b0af58e294bb866cba81e8ab569f
SSDEEP: 1536:dpuglTFvN8OW3csgYTV2bA6tyeieFqZ7XJnlOen2FELUT/ssH1j:d9lTQOW3csLkAsoeFCXJl/OQsH1j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 000ba1f419d46916ed9a41e087ac6e70N.exe
Files
000ba1f419d46916ed9a41e087ac6e70N.exe.exe windows:4 windows x86 arch:x86
ee19367115eed432b51489f92ac1c55a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
RemoveDirectoryA
DeviceIoControl
SetConsoleOutputCP
PurgeComm
VirtualAlloc
HeapSetInformation
GetComPlusPackageInstallStatus
FindResourceExA
UnlockFile
RtlMoveMemory
GetVersionExA
GetCommandLineA
GetFileAttributesExA
DeleteTimerQueueEx
MoveFileWithProgressA
EndUpdateResourceA
SearchPathA
CreateNamedPipeA
GetCalendarInfoA
GetProfileIntA
SetPriorityClass
GetPriorityClass
advapi32
CredUnmarshalCredentialA
CredMarshalCredentialW
dpmodemx
SPInit
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 46KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ