3a5733bed14421b37f2665f895814ec0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3a5733bed14421b37f2665f895814ec0N.exe
Size

106KB
MD5

3a5733bed14421b37f2665f895814ec0
SHA1

cf38692bd22e3816ab71d14a4ca2cc0499dec26a
SHA256

684075a10d65440b1d7049b2261c96d1ed93f1cec28204161e780dbaa1eb733d
SHA512

faaa006fd7a28f0835049c7919406d742a5df899735ebea0474e33a3e0fa8d1c0a3001b877f47f6d124db7c28502219dd47ffd4d6ea2328529d58ec2d03e65ed
SSDEEP

3072:XLCL6H1c8R7fEJBoPf8MzXOoc6H9oROGenAhK:XOL6b71Pf8MzXONy9o1enAhK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a5733bed14421b37f2665f895814ec0N.exe

Files

3a5733bed14421b37f2665f895814ec0N.exe
.dll windows:6 windows x64 arch:x64

7c8774d6e97459c59dcd15e47d2754cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ReadFile
CloseHandle
WideCharToMultiByte
GetLastError
FormatMessageA
LocalFree
GetSystemInfo
CreateFileMappingW
GetFileSizeEx
MapViewOfFile
UnmapViewOfFile
SetFilePointerEx
WriteFile
MultiByteToWideChar
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RtlCaptureContext
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__C_specific_handler
wcsrchr
memcmp
__std_exception_destroy
memmove
__std_exception_copy
strrchr
__std_terminate
memcpy
memset
strchr
__std_type_info_destroy_list
_purecall

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

isspace
_wcsnicmp
wcscpy_s
strtok
strncpy
_stricmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initterm_e
_configure_narrow_argv
_seh_filter_dll
_initialize_narrow_environment

api-ms-win-crt-time-l1-1-0

strftime
_localtime64

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

LoadSubModule
UnloadSubModule

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c8774d6e97459c59dcd15e47d2754cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 3KB - Virtual size: 20KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 3KB - Virtual size: 20KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB