166fbea05b8dfd66ef36b8286a941d10N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

166fbea05b8dfd66ef36b8286a941d10N.exe
Size

1.7MB
MD5

166fbea05b8dfd66ef36b8286a941d10
SHA1

624e8045c4a27e2385bde9b78ca916f89651a4c6
SHA256

4d18f7c9322a4c4077491a213884dc53f5afafd3c13314cf57d52411857bcf4b
SHA512

ef997228e40b7878def8053149dc3754a0bedbfd865209ad89c1b43299fe9091ea80efdf0cf3555909c4ae533609bf5556f94108ba2e21d2fc9112f36e8df8ec
SSDEEP

49152:k70U0U0UvgNuvGNEIr2gZQYHnJuXy/GEaYRvbpBVdewAoJ7t97IalQTFUy:k70U0U0UO2guEnJuXyudYtooJLkaty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166fbea05b8dfd66ef36b8286a941d10N.exe

Files

166fbea05b8dfd66ef36b8286a941d10N.exe
.exe windows:5 windows x86 arch:x86

b19eb21d7ab581e8f76633c2a4602a1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libpcmpi32

ord787
ord1241
ord593
ord785
ord1213
ord791
ord794
ord2354
ord2395
ord327
ord2291
ord2333
ord2278
ord514

kernel32

GetTempPathA
HeapCreate
GetTimeZoneInformation
VirtualQuery
CreateFileW
GetStringTypeW
SetEnvironmentVariableA
CompareStringW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetProcessHeap
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
MultiByteToWideChar
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
HeapSetInformation
LoadLibraryW
GetCurrentDirectoryW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CloseHandle
Sleep
SetCurrentDirectoryA
DeleteFileA
InterlockedExchange
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetLastError
WaitForSingleObject
SetFilePointer
GetLastError
WriteFile
GetFileType
SetEndOfFile
GetFileAttributesExA
GetFileSize
GetFileAttributesA
ReadFile
GetLocalTime
ReleaseMutex
GetCurrentThreadId
CreateMutexA
GetStdHandle
GetThreadLocale
LoadLibraryA
FormatMessageA
IsDebuggerPresent
GetModuleHandleA
GetProcAddress
CreateFileA
FreeLibrary
InitializeCriticalSection
SetEvent
CreateEventA
ExitThread
TerminateThread
CreateProcessA
SetThreadPriority
GetVersionExA
GetFileInformationByHandle
GetFullPathNameA
GetTempFileNameA
IsProcessorFeaturePresent
SetConsoleCtrlHandler
GetACP
GetCommandLineA
SetErrorMode
FlushFileBuffers
GetSystemInfo
GetCurrentProcess
GetProcessTimes
GetSystemDirectoryA
GetExitCodeProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
WriteConsoleW
GetModuleFileNameW
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCurrentProcessId
MoveFileA
GetDriveTypeW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
GetStartupInfoW
RtlUnwind
PeekNamedPipe

imagehlp

SymCleanup
StackWalk64
SymInitialize

Exports

Exports

FASTSOLVE2
LONGNAME

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 169KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b19eb21d7ab581e8f76633c2a4602a1d

Headers

DLL Characteristics

File Characteristics

Imports

libpcmpi32

kernel32

imagehlp

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.text1 Size: 512B - Virtual size: 176B

.rdata Size: 173KB - Virtual size: 173KB

.data Size: 32KB - Virtual size: 1.8MB

.trace Size: 6KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 169KB - Virtual size: 172KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.text1
Size: 512B - Virtual size: 176B

.rdata
Size: 173KB - Virtual size: 173KB

.data
Size: 32KB - Virtual size: 1.8MB

.trace
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 169KB - Virtual size: 172KB