dbbb1cc70f43a6d601409774a7383d90N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

dbbb1cc70f43a6d601409774a7383d90N.exe
Size

9.8MB
MD5

dbbb1cc70f43a6d601409774a7383d90
SHA1

9cbef3bd6d932a7d5e782cbaadfdc2f1554e48dc
SHA256

a949bd1f0ee05e829fafbff9e4e3af1ef78b1d840945f21e20c1b75bed9bafeb
SHA512

529148c12a022e2ad12fa5662c2e904c1b903d2656c5b74cd0b7295d16b8d3644b75bf47702bb953a78c77e65623907e5789f83493f4d04eb1ed86be253f4126
SSDEEP

98304:aYU5m3/tPXvNqOu7L9vMiWqNS8pkH7UpdDPZz8:a/S/tPkFt93pdV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbbb1cc70f43a6d601409774a7383d90N.exe

Files

dbbb1cc70f43a6d601409774a7383d90N.exe
.exe windows:6 windows x64 arch:x64

be9e2276b5d75cd86c685d41bcec5762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libifcoremd

for_allocate
for_alloc_allocatable
d_int_val
for_read_seq_fmt
for_write_dir_xmit
for_write_dir
for_ran_
for_dealloc_allocatable
for_read_dir_xmit
for_read_dir
for_alloc_and_init
for_check_mult_overflow64
for_stop_core_quiet
for_close
for_write_seq_lis_xmit
for_write_seq_lis
for_random_number
for_read_int_fmt_xmit
for_read_seq_xmit
for_adjustr
for_inquire
for_set_reentrancy
for_read_int_fmt
for_rewind
for_random_number_single
for_open
for_read_seq_fmt_xmit
for_getenv_err
for_backspace
for_write_seq
for_concat
for_iargc
for_adjustl
for_write_seq_xmit
for_getcmd_arg_err
for_read_seq_lis
for_read_seq_lis_xmit
for_write_seq_fmt_xmit
for_exit
for_f90_index
for_emit_diagnostic
for_f90_scan
for_read_seq
for_random_seed_put
for_len_trim
for_cpystr
for_cpusec_t
for_write_int_fmt
for_rtl_init_
for_rtl_finish_
for__nt_signal_handler
for_write_seq_fmt
for_write_int_fmt_xmit
for_cpstr
for_date_and_time
for_trim

libmmd

sin
cos
atan2
atan
acos
fmod
tan
__powr8i4
log
exp
asin
pow
log10
tgamma
fmax
hypot
cbrt
asinh
remquo
atanh
copysign
remainder
fmin
cosh
sinh
sqrt
tanh

msvcp140

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exceptions@std@@YAHXZ
?_Xlength_error@std@@YAXPEBD@Z
?width@ios_base@std@@QEAA_J_J@Z

kernel32

CreateEventA
GetFileSize
GetLocalTime
GetSystemDirectoryA
HeapReAlloc
TlsSetValue
GetFileInformationByHandle
SetErrorMode
ConvertThreadToFiber
GetProcessHeap
GetTickCount
WriteFile
ReleaseMutex
GetSystemInfo
SetFilePointerEx
MultiByteToWideChar
RemoveDirectoryW
QueryPerformanceFrequency
DeleteFiber
SetEndOfFile
OpenSemaphoreA
HeapAlloc
FreeLibrary
SetLastError
DeleteCriticalSection
GetSystemTime
UnmapViewOfFile
LocalAlloc
GetExitCodeThread
GetVolumeInformationA
InitializeCriticalSection
CreateDirectoryW
GetLastError
GetTimeZoneInformation
FindNextFileW
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
FindClose
GetLocaleInfoEx
FormatMessageA
GetThreadLocale
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SwitchToThread
GetSystemTimeAsFileTime
SystemTimeToFileTime
DeviceIoControl
MoveFileExW
CreateMutexA
GetDriveTypeA
GetEnvironmentVariableA
LeaveCriticalSection
LocalFree
GetEnvironmentVariableW
DuplicateHandle
GetCurrentThreadId
GetVersion
TlsAlloc
LoadLibraryExA
FlushFileBuffers
CreateThread
ResumeThread
ReadFile
SetFileAttributesW
OutputDebugStringA
QueryDosDeviceA
WaitForSingleObject
MapViewOfFile
CreateFileMappingA
OpenMutexA
EnterCriticalSection
OpenProcess
CreateFileW
QueryPerformanceCounter
GetModuleHandleA
CreateFileA
GetComputerNameW
GetModuleFileNameW
WideCharToMultiByte
TlsGetValue
ReleaseSemaphore
TerminateThread
CloseHandle
GetCurrentProcess
GetCurrentProcessId
FindFirstFileW
GetModuleFileNameA
HeapFree
CreateSemaphoreA
GetComputerNameExW
SwitchToFiber
GetProcessTimes
FindNextFileA
SetThreadPriority
DefineDosDeviceA
SearchPathA
FindFirstFileA
CreateProcessW
GetVersionExA
Sleep
SetEvent
GetProcAddress
TerminateProcess
GetLogicalDrives
DeleteFileW

vcruntime140

_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
memmove
memcpy
__current_exception_context
memset
strstr
__C_specific_handler
__current_exception

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

signal
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_set_app_type
_invalid_parameter_noinfo_noreturn
_exit
exit
_initterm_e
_initterm
abort
_configure_narrow_argv
_get_initial_narrow_environment
_seh_filter_exe
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_initialize_narrow_environment
terminate

api-ms-win-crt-math-l1-1-0

_dsign
__setusermatherr

api-ms-win-crt-string-l1-1-0

strncpy
strncat
strlen
strncpy_s
strcpy_s

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
_wfopen_s
__acrt_iob_func
__p__commode
_set_fmode
__stdio_common_vfprintf
fclose
fread
fwrite

api-ms-win-crt-environment-l1-1-0

_wdupenv_s
getenv

api-ms-win-crt-convert-l1-1-0

atol

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
_configthreadlocale

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 671KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_o
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be9e2276b5d75cd86c685d41bcec5762

Headers

DLL Characteristics

File Characteristics

Imports

libifcoremd

libmmd

msvcp140

kernel32

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 671KB - Virtual size: 1.3MB

.pdata Size: 67KB - Virtual size: 66KB

.trace Size: 260KB - Virtual size: 260KB

_RDATA Size: 4KB - Virtual size: 4KB

.debug_o Size: 111KB - Virtual size: 111KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 671KB - Virtual size: 1.3MB

.pdata
Size: 67KB - Virtual size: 66KB

.trace
Size: 260KB - Virtual size: 260KB

_RDATA
Size: 4KB - Virtual size: 4KB

.debug_o
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 17KB - Virtual size: 16KB