3bac6877ce53561b1d55c58027b5ec60N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3bac6877ce53561b1d55c58027b5ec60N.exe
Size

230KB
MD5

3bac6877ce53561b1d55c58027b5ec60
SHA1

1e5661bd9069ebc44b08ed441ef34f848c69a8cd
SHA256

522d3d51f77f2e789c2b0d545544768e33d374e3f5957bc37520b4003c356850
SHA512

5d2c04bca05cf5d1f04cdc9b569d36f9b13129405f99d5264d1e8844445e18bf7bae46510d22aecfdb0a9e20d76d8d89f3b09eba39a4f5c927f3991f0f17d83a
SSDEEP

3072:ChN0AeVu4ky9gfrbtq3VlMDHwpguLHWlOAZ2mz6bJ5oF7bxCrpAKGUtU29dp2Co:CjeVuTbtcPMDUUP+bJ5K7bqpyQfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bac6877ce53561b1d55c58027b5ec60N.exe

Files

3bac6877ce53561b1d55c58027b5ec60N.exe
.exe windows:4 windows x86 arch:x86

e0c46ed5873ba43601c272193e012543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetVersionExA
SizeofResource
LockResource
LoadResource
FreeLibrary
LoadLibraryA
CloseHandle
Sleep
SetEvent
SetEndOfFile
WriteFile
GetLastError
WaitForSingleObject
FreeResource
GetUserDefaultLangID
ExitProcess
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
SetLastError
GetTickCount
CreateFileA
GetConsoleOutputCP
WriteConsoleA
ReadFile
FlushFileBuffers
SetStdHandle
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA
LCMapStringA
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapFree
HeapAlloc
RtlUnwind
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW

advapi32

RegCloseKey

user32

GetDlgItem
MessageBoxA
EnumThreadWindows
WaitForInputIdle
EndDialog
SendMessageA
GetDesktopWindow

shell32

SHGetSpecialFolderPathW

mapi32

ord21
ord19
ord140

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0c46ed5873ba43601c272193e012543

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

mapi32

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 18KB

.rsrc Size: 124KB - Virtual size: 124KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 18KB

.rsrc
Size: 124KB - Virtual size: 124KB