b1d738793d9f9e14706117861c68edb0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b1d738793d9f9e14706117861c68edb0N.exe
Size

384KB
MD5

b1d738793d9f9e14706117861c68edb0
SHA1

2b54475e48bc80a38a7aaf3c49ca2a5d6fd7aa52
SHA256

e3a151632660f991c4f5ca4140ff9fcfc6a026e6fbb78e1ae85e1f33015ca5b0
SHA512

1d8b307ae5277580c57f284e097c7b2d489b9580db55fbe0fce48ae7f89b667774d1ac7798a6b1aecb90686818c808c740f45ee3bbcddc4ee5616242b13cc869
SSDEEP

6144:E3WJCAa9FAeyah7q6hmb7SeEBMdqmoAe6MJ5RsYtnil0Y6dlAOcl7e2t0uiMihpf:bfeAMhu6h8+eeMdqFGMJftigdly76u0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1d738793d9f9e14706117861c68edb0N.exe

Files

b1d738793d9f9e14706117861c68edb0N.exe
.dll windows:6 windows x86 arch:x86

b7c8993f10dec27599332ce85a1de38a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gnsdk_fp.pdb

Imports

kernel32

Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcess
GetProcAddress
LoadLibraryA
CloseHandle
RaiseException
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetCurrentThreadId
SetThreadPriority
FileTimeToLocalFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
CreateFileW
WriteConsoleW
DecodePointer
DeleteFileW
GetFileAttributesW
GetFileSize
MoveFileW

Exports

Exports

g_gcsl_log_callback
g_gcsl_log_enabled_pkgs
g_gcsl_signal_callback
g_gcsl_thread_registrants
g_gcsl_thread_store_key
gcsl_fs_marker_end
gcsl_fs_marker_initialize
gcsl_fs_marker_start
gcsl_memory_alloc
gcsl_memory_alloc2
gcsl_memory_alloc_count
gcsl_memory_alloc_max
gcsl_memory_alloc_trace
gcsl_memory_alloc_trace_set
gcsl_memory_calloc
gcsl_memory_calloc2
gcsl_memory_checkpoint_report
gcsl_memory_checkpoint_set
gcsl_memory_dup
gcsl_memory_dup2
gcsl_memory_free
gcsl_memory_heap_dump
gcsl_memory_heap_max
gcsl_memory_heap_now
gcsl_memory_heap_warn
gcsl_memory_initialize
gcsl_memory_marker_end
gcsl_memory_marker_initialize
gcsl_memory_marker_start
gcsl_memory_memcmp
gcsl_memory_memcpy
gcsl_memory_memmove
gcsl_memory_memset
gcsl_memory_name_set
gcsl_memory_realloc
gcsl_memory_realloc2
gcsl_memory_register_provider_interface
gcsl_memory_shutdown
gcsl_memory_sizeof
gcsl_time_marker_end
gcsl_time_marker_initialize
gcsl_time_marker_start
gnsdk_fp_data_addref
gnsdk_fp_data_get_info
gnsdk_fp_data_release
gnsdk_fp_data_render
gnsdk_fp_fingerprinter_audio_create
gnsdk_fp_fingerprinter_audio_done
gnsdk_fp_fingerprinter_audio_write
gnsdk_fp_fingerprinter_audio_write_ex
gnsdk_fp_fingerprinter_release
gnsdk_fp_fingerprinter_video_create
gnsdk_fp_fingerprinter_video_done
gnsdk_fp_fingerprinter_video_write
gnsdk_fp_get_build_date
gnsdk_fp_get_version
gnsdk_fp_initialize
gnsdk_fp_shutdown
gnsdk_fp_string_free

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c8993f10dec27599332ce85a1de38a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 17KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 149KB - Virtual size: 148KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 17KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 149KB - Virtual size: 148KB