51ead6032a4de23d992b1f44c547bab0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

51ead6032a4de23d992b1f44c547bab0N.exe
Size

17KB
MD5

51ead6032a4de23d992b1f44c547bab0
SHA1

dad8d6b981516ed78fda1f3a97786b626f2c9f40
SHA256

7c31f0e480a313c0033f5dc368955583e0dbacb6c2eb4df8852d641fb24ca08c
SHA512

bba30ecccf7a1041a755af23830e9b7516ba6bac1e47263614844ba8de2569454039e9caa0acfccc9c650f408253b7e3c7a20a37843af7427bf4b185af0d10b5
SSDEEP

192:wleaixa3r7DZfSH/pU0dcBvuOLBKvSOe1VRqft7lFnIsO1Ad3Q5tfqcgixTlnP:wleVxwHVw/pQTNPOeWf1lzOI3hsln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51ead6032a4de23d992b1f44c547bab0N.exe

Files

51ead6032a4de23d992b1f44c547bab0N.exe
.exe windows:6 windows x64 arch:x64

176d2ebfdb5cee848e6e8e8201b04f18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\win11vm\source\repos\build\x64\Release\build.pdb

Imports

kernel32

GetCurrentProcess
WideCharToMultiByte
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
UnhandledExceptionFilter

user32

CharLowerA

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
memset
__C_specific_handler
strstr
__std_exception_destroy
__current_exception
__current_exception_context
__std_exception_copy
memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_set_fmode
__p__commode
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initterm_e
_get_initial_narrow_environment
_initialize_narrow_environment
__p___argc
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
exit
_exit
_set_app_type
_seh_filter_exe
_initterm

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
_callnewh
free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

176d2ebfdb5cee848e6e8e8201b04f18

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

ntdll

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 684B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 88B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 684B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 88B