cb89ebb18afa49b47b7bc22c9c745910N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cb89ebb18afa49b47b7bc22c9c745910N.exe
Size

252KB
MD5

cb89ebb18afa49b47b7bc22c9c745910
SHA1

8cbc61f2e0c625b7b2f90d043187cd1dd05ff369
SHA256

7234963cd9f32384913b2017b79f5202d3b4ed381efef0480d012c2b88a0cdb6
SHA512

d0522d4952e80d2599e82e569859e0597613148eecdbe534c3d23ae2ad8be6b32ab0906da48dbc6c61835458bccefbffa59ffae049d4835b1d082d5772d31c55
SSDEEP

6144:ecamLyMa/Z6a8kejwlhMVYjFeZDI/N5V12fsk:ece9Zg5jwlhzFeZDek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb89ebb18afa49b47b7bc22c9c745910N.exe

Files

cb89ebb18afa49b47b7bc22c9c745910N.exe
.exe windows:4 windows x86 arch:x86

37838fe6a8bb1fe034dd95a9b83c4d8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetLocalTime
GetModuleFileNameA
CopyFileA
DeleteFileA
CloseHandle
WaitForSingleObject
TlsFree
GetFileType
GetStdHandle
SetFilePointer
GetPrivateProfileStringA
GetFileSize
CreateFileA
GetLastError
CreateMutexA
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcessId
GetTimeZoneInformation
GetSystemTimeAsFileTime
MoveFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCurrentThreadId
TlsSetValue
TlsAlloc
WideCharToMultiByte
SetLastError
TlsGetValue
GetCurrentThread
SetEnvironmentVariableA
SetHandleCount
InterlockedExchange
GetLocaleInfoW
GetStartupInfoA
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
Sleep
InterlockedDecrement
InterlockedIncrement
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
ReadFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEndOfFile
CompareStringA
CompareStringW

user32

wsprintfA

shell32

ShellExecuteExA

shlwapi

PathRemoveFileSpecA
PathIsRelativeA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37838fe6a8bb1fe034dd95a9b83c4d8e

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

advapi32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 29KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 29KB