0026ae60a75c98a4a3bf5e4ad00f3020N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0026ae60a75c98a4a3bf5e4ad00f3020N.exe
Size

56KB
MD5

0026ae60a75c98a4a3bf5e4ad00f3020
SHA1

3d739b6807d568c17b9c20cec75595563529b4a6
SHA256

22b85c553ed168344afea6b04d7398d3e4257a8cf3cf7de47bf580184b788fb5
SHA512

6e0fe0e9e3d9b590eeb741fd364e333e09a0e22405175aca21a2247440e310836fdab2d461fcab2090519a62ab4593e7f494c45d764830af16940c8eedaa50cd
SSDEEP

1536:iq6V+I6XoKI6jlD7u1M1vq4TtRBWkD0eqLKD:O+IHJ6jlD7RjtREuD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0026ae60a75c98a4a3bf5e4ad00f3020N.exe

Files

0026ae60a75c98a4a3bf5e4ad00f3020N.exe
.exe windows:5 windows x86 arch:x86

1dec01bdbe41d542220a02c6dc61da62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
DeleteCriticalSection
UnmapViewOfFile
GetCurrentProcessId
MapViewOfFile
SetEvent
InitializeCriticalSection
CreateMutexA
CreateFileMappingA
CreateEventA
GetLastError
GetCurrentProcess
SetCurrentDirectoryA
GetSystemDirectoryA
HeapReAlloc
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
TerminateProcess
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
OpenProcess
WaitForSingleObject
EnterCriticalSection
ExitThread
LeaveCriticalSection
CloseHandle
GetVersionExA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualQuery
InterlockedExchange
GetCommandLineA
GetStartupInfoA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
GetCPInfo
Sleep
VirtualAlloc
RtlUnwind
GetSystemInfo

advapi32

RegOpenKeyExA
FreeSid
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl

gdi32

GetStockObject

user32

DefWindowProcA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

winmm

timeGetTime

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1dec01bdbe41d542220a02c6dc61da62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

winmm

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 29KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 29KB