324de1dab0a5fdd6e5d5f8ab449b1ad0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

324de1dab0a5fdd6e5d5f8ab449b1ad0N.exe
Size

5.2MB
MD5

324de1dab0a5fdd6e5d5f8ab449b1ad0
SHA1

c5f6559e533970c49f82a25e2cee7ca8c416a052
SHA256

e83ea0c2cda4bdb1cf1b8c7b1d0cce683daf1b36e212de02e3c4f04aa0145dc3
SHA512

36a928842eed1bef304b1cec4782c1408f8106a54c2e1c19e503c78b4a889cb40839d5dce8ee50a5eb2d26582050320c84c3015d47c5a5d3d44ce101dfc2b4b4
SSDEEP

49152:hVuaWF7MGAJff3uLD4TVOW/GpGN+YRdtg2N4bmxWnn/oJ1nLGNDOVRiMj3uxAKve:OaWU/vQoJIG3wR9PNJURtxM1uie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
324de1dab0a5fdd6e5d5f8ab449b1ad0N.exe

Files

324de1dab0a5fdd6e5d5f8ab449b1ad0N.exe
.dll windows:4 windows x64 arch:x64

40d043bb77e1146eb20c45d65b924855

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\jk_9\workspace\CBB_DH3.RDA000419_NetSDK_Windows_windows\code_path\NetSdk__b27070\Bin\Release(PDB)_x64\dhconfigsdk.pdb

Imports

ws2_32

ntohs

kernel32

TlsFree
CreateDirectoryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
GetLastError
CopyFileA
Sleep
CloseHandle
CreateEventA
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
GetTickCount
LoadLibraryExA
GetProcAddress
FreeLibrary
OutputDebugStringA
LoadLibraryA
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitThread
CreateThread
WriteConsoleW
GetFileType
GetStdHandle
DebugBreak
GetModuleFileNameW
GetModuleHandleA
FlsGetValue
TlsAlloc
GetFileAttributesA
FlsFree
SetLastError
TlsSetValue
GetCurrentThread
FlsAlloc
RtlVirtualUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
SetFilePointer
SetConsoleCtrlHandler
LoadLibraryW
LCMapStringA
LCMapStringW
ReadFile
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

CLIENT_PacketData
CLIENT_ParseAnalyzerEventData
CLIENT_ParseData
CLIENT_ParseDataByCallback
CLIENT_ParseVideoInAnalyse

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 906KB - Virtual size: 906KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40d043bb77e1146eb20c45d65b924855

Headers

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 906KB - Virtual size: 906KB

.data Size: 117KB - Virtual size: 125KB

.pdata Size: 256KB - Virtual size: 255KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 906KB - Virtual size: 906KB

.data
Size: 117KB - Virtual size: 125KB

.pdata
Size: 256KB - Virtual size: 255KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 42KB - Virtual size: 42KB