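PDB path embedded in the sample (a build artifact that exposes the build machine's user name and project folder): C:\Users\nzx3r\Desktop\тут все\ᛋᛋ 2\client_vs2022\Release\client.pdb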
Static task
static1
Behavioral task
behavioral1
Sample
266ce02f6f2ea131ae5ad7db2c546950N.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
266ce02f6f2ea131ae5ad7db2c546950N.dll
Resource
win10v2004-20240802-en
General
-
Target
266ce02f6f2ea131ae5ad7db2c546950N.exe
-
Size
18KB
-
MD5
266ce02f6f2ea131ae5ad7db2c546950
-
SHA1
a8859b2228600eafded546f6e75378ac6ce1a48c
-
SHA256
9054fa462ea63ba4be1feab794fb3f7890cd7493f92e9d82c3c47b5c1355f61a
-
SHA512
e2440be7efa9684e52158089fa1ddfc8ed07b06a2a2263a9b778a2b10314e19d0e170f993ea3f25966f4ee243fb72b85798a2fa4a1f35b86cce89140c4be2a3a
-
SSDEEP
192:otGHPdeIjEOoZ8vKUgwS9OUFe5e/ZOn8rkL6wcF61THLJIXyH4wHVW5IgnvH+Bct:+0d3cKAw778XwRdHLJkwHq1mBcMxsM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
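Checks for a missing Authenticode signature: the PE file is unsigned, so its publisher and integrity cannot be verified from a signature. Taken alone this is a weak indicator, since many legitimate binaries are also unsigned.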
resource 266ce02f6f2ea131ae5ad7db2c546950N.exe
Files
-
266ce02f6f2ea131ae5ad7db2c546950N.exe.dll windows:5 windows x86 arch:x86
5bde3a6e417455faed77c0b121b090be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetModuleHandleW
FreeLibrary
CreateThread
IsDebuggerPresent
InitializeSListHead
LoadLibraryA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
MoveFileExA
VirtualAlloc
GetModuleFileNameA
GetLastError
MultiByteToWideChar
GetSystemTimeAsFileTime
UnhandledExceptionFilter
ws2_32
htons
setsockopt
WSAGetLastError
recv
closesocket
gethostbyname
connect
socket
send
WSAStartup
crypt32
CertGetCertificateChain
CertFreeCertificateChain
CertCloseStore
CertFreeCertificateContext
CertNameToStrA
CertGetIssuerCertificateFromStore
CertOpenSystemStoreA
CertFindChainInStore
CertVerifyCertificateChainPolicy
secur32
ApplyControlToken
QueryContextAttributesA
EncryptMessage
AcquireCredentialsHandleA
DeleteSecurityContext
InitializeSecurityContextA
FreeCredentialsHandle
DecryptMessage
FreeContextBuffer
vcruntime140
strrchr
strstr
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
memset
_except_handler4_common
memcpy
api-ms-win-crt-stdio-l1-1-0
fopen
fwrite
__stdio_common_vfprintf
fflush
__acrt_iob_func
__stdio_common_vsprintf
fclose
api-ms-win-crt-heap-l1-1-0
_callnewh
free
malloc
realloc
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_configure_narrow_argv
_cexit
_seh_filter_dll
_initialize_narrow_environment
_beginthread
_initterm
_execute_onexit_table
_initterm_e
api-ms-win-crt-convert-l1-1-0
strtoul
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 936B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ