1d4616324c066a58bbbb5c86c2c924e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1d4616324c066a58bbbb5c86c2c924e0N.exe
Size

481KB
MD5

1d4616324c066a58bbbb5c86c2c924e0
SHA1

5aa8b09b0972e5511928488faf2c4ca6bf005b8a
SHA256

ba50594f92b18a3f604e17370a6d403c92a8acbe066447c6667da108e3c08d02
SHA512

a370fec7e379c12870e6edfe1aa8ad625b37a9cc0d5567801c02da90613cd7c92c0e7ed2e9555ab2e00f3a401d789f454dcc6cb8bcbe10fb1ac1c956a48c961c
SSDEEP

6144:qsEsr///fbTXmeKHCYp+Xu7brabiz2BJWIyeoTDKj5JejBdv:qst/XkCYp+6br52/WIyB6af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d4616324c066a58bbbb5c86c2c924e0N.exe

Files

1d4616324c066a58bbbb5c86c2c924e0N.exe
.exe windows:5 windows x86 arch:x86

87e7e4eefdf5514bea443f5ce4f8e760

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\owner\Desktop\card_source\BCAS\Debug\CardTool.pdb

Imports

winscard

SCardEstablishContext
SCardListReadersA
SCardReleaseContext
SCardFreeMemory
SCardGetStatusChangeA
SCardTransmit
g_rgSCardT1Pci
SCardConnectA
SCardDisconnect

kernel32

SetLastError
SetStdHandle
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
GetSystemTime
CloseHandle
ReadFile
SetFilePointer
GetFileSize
CreateFileA
WriteFile
GetLocalTime
GetLastError
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
RtlUnwind
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
RaiseException
lstrlenA
GetProcAddress
LoadLibraryW
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapValidate
IsBadReadPtr
GetModuleFileNameW
CreateFileW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
GetModuleHandleW
InterlockedIncrement
IsValidLocale
InterlockedDecrement
GetCurrentThread
HeapFree
HeapAlloc
GetProcessHeap
VirtualQuery
FreeLibrary
GetStdHandle
GetLocaleInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
HeapReAlloc
HeapSize
HeapQueryInformation
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
InterlockedExchange
GetConsoleCP
LCMapStringW
GetStringTypeW
GetLocaleInfoA

Sections

.textbss
Size: - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87e7e4eefdf5514bea443f5ce4f8e760

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winscard

kernel32

Sections

.textbss Size: - Virtual size: 177KB

.text Size: 377KB - Virtual size: 376KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 13KB - Virtual size: 22KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 15KB

.textbss
Size: - Virtual size: 177KB

.text
Size: 377KB - Virtual size: 376KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 13KB - Virtual size: 22KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 15KB