bc18a9318b6084d05c11f76f37cdf880N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bc18a9318b6084d05c11f76f37cdf880N.exe
Size

23KB
MD5

bc18a9318b6084d05c11f76f37cdf880
SHA1

f1d36b77250fb5a72186e2f3c077c35614455191
SHA256

9a95e54ec707c9094a4f7a3d145ef1d315ea90b94a1cfd11b8c41d42e305cde1
SHA512

862536d5e444dcfcdffe32c21bca88f59bd9701d6d472a44e3edac2a3c2d44dc81d40eac1b502f5475d418705af7c2447db9f198ff336f061f937dd99cd8f119
SSDEEP

384:V5yxzB6kh2fGwWC8uWwX/2GlgHKiIDxcbMt:V5m4khWUC8Pwe9vbM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc18a9318b6084d05c11f76f37cdf880N.exe

Files

bc18a9318b6084d05c11f76f37cdf880N.exe
.exe windows:6 windows x64 arch:x64

ad74772f4f03c1e9dc3e7d6c433adae6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?flags@ios_base@std@@QEBAHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?good@ios_base@std@@QEBA_NXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?uncaught_exceptions@std@@YAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ

kernel32

ExitProcess
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualQuery

msvcrt

?_set_new_mode@@YAHH@Z
?terminate@@YAXXZ
_CxxThrowException
_XcptFilter
__C_specific_handler
__CxxFrameHandler3
__getmainargs
__set_app_type
_acmdln
_amsg_exit
_callnewh
_commode
_errno
_initterm
_initterm_e
_ismbblead
_msize
_set_fmode
free
malloc
memcpy
memmove
memset
realloc
strcpy_s
strlen

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad74772f4f03c1e9dc3e7d6c433adae6

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

kernel32

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.retplne Size: 512B - Virtual size: 140B

.tls Size: 512B - Virtual size: 17B

.reloc Size: 512B - Virtual size: 112B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 17B

.reloc
Size: 512B - Virtual size: 112B