a5eb86f284e32cf90d171d5d6ca4f0a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a5eb86f284e32cf90d171d5d6ca4f0a0N.exe
Size

15KB
MD5

a5eb86f284e32cf90d171d5d6ca4f0a0
SHA1

8e0e08f7c009ec3231f5ffb6640c30403feaf511
SHA256

52895fa99119a37c1a57ddb4dd12d89006de737cfaf7b51b1eec9fe5b1d3dfe5
SHA512

408bccec011ebd1c761ba7385ffd83bc878e9640c8ac94eb52624db0004bbec3ec14ac075859965d3d87241e87dd753555d3a4d1753fd3575cf9fedb9ea41f93
SSDEEP

192:I0yA9J2QgUwRdqazQEHY7cosDP3WLRdrya9muLCgm:9yaJ2QgUlazQEO4/CRf9mi6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5eb86f284e32cf90d171d5d6ca4f0a0N.exe

Files

a5eb86f284e32cf90d171d5d6ca4f0a0N.exe
.dll windows:4 windows x86 arch:x86

6d3965f9da091c6b01b2f9613635ba82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

libmingwex-4

__mingw_free

msvcrt

__dllonexit
_errno
_iob
abort
calloc
fflush
fwrite
malloc
vfprintf

agena

agn_checklstring
agn_checknumber
agn_createtable
agn_poptop
agn_reggeti
agn_regsize
agn_seqsize
agn_tointeger
luaL_argerror
luaL_checkstack
luaL_error
luaL_register
lua_gettable
lua_next
lua_pushinteger
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushvalue
lua_seqrawgeti
lua_settable
lua_tolstring
lua_type
lua_typename
str_charreplace
sun_ceil
sun_log10
tools_branch
tools_isnumericstring
tools_strndup

Exports

Exports

luaopen_skycrane

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 100B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d3965f9da091c6b01b2f9613635ba82

Headers

File Characteristics

Imports

kernel32

libmingwex-4

msvcrt

agena

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 8B

.rdata Size: 1KB - Virtual size: 1KB

/4 Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 100B

.edata Size: 512B - Virtual size: 80B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 392B

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 1KB - Virtual size: 1KB

/4
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 100B

.edata
Size: 512B - Virtual size: 80B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 392B