46f074e9c3c07f85070ead40334396b0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

46f074e9c3c07f85070ead40334396b0N.exe
Size

375KB
MD5

46f074e9c3c07f85070ead40334396b0
SHA1

436d5192de18871db77a93feb4b0eebd7af91257
SHA256

2adbcbf6c1abd89856db982c916f31d1e38d6949128498591417450145c96640
SHA512

ff89f25498db6260041d352c6042a94e8030e4dc567ad79163cde44684a4076fac34765e303b58047dcf9f63fa4fe7d7d0a461231aebcbee81c5a36df928d750
SSDEEP

6144:YQJnRX22huNjDEI2AWbi1VRv9C7R/Sw9X888888888888W88888888888:YiLhuN3KgR1gX888888888888W88888P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46f074e9c3c07f85070ead40334396b0N.exe

Files

46f074e9c3c07f85070ead40334396b0N.exe
.dll windows:5 windows x86 arch:x86

d56298fa901eeae43286acf7d023b3aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
SystemParametersInfoW
PtInRect
OffsetRect
MessageBoxW
LoadStringW
IsIconic
IntersectRect
GetWindowRect
GetWindowPlacement
GetSystemMetrics
CharUpperBuffW

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
lstrcpyW
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
Sleep
SignalObjectAndWait
SetLastError
SetEvent
ResetEvent
MultiByteToWideChar
LeaveCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetDiskFreeSpaceW
GetDateFormatW
GetCPInfo
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
EnumCalendarInfoW
EnterCriticalSection
DeleteCriticalSection
CreateEventW
CompareStringW
CloseHandle

gdi32

GetDCOrgEx
GetClipBox

ole32

IsEqualGUID
IsEqualGUID

mos.core

Mos_Bitmaps_CreateBitmap
Mos_Core_GetApp
Mos_Balloons_CreateTextBalloonBitmap
Mos_Txt_CreateTxt
Mos_Txt_Measure
Mos_Utils_CalculateSpacing
Mos_Utils_CreateFastRectList

api.a

RApiFloats_ToStringFixed
RApiFloats_ToString
RApiFloats_Dvd
RApiFloats_IsZero
RApiFloats_SetNAN
RApiFloats_IsValid
RApiFloats_IsEqual
RApiComplexes_FromMA
RApiComplexes_Ang
RApiComplexes_Mag
RApiComplexes_Mul_CC
RApiComplexes_IsEqual
RApiComplexes_IsValid
RApiMemory_Allocate
RApiElectric_Format
RApiElectric_MeasureStdPrefixRange
RApiElectric_MeasureAsText

api.d

Firestarter_FourierTransform_DFT_Fast
Firestarter_FourierTransform_GetFreqStep
Firestarter_FourierTransform_GetOutSampCount
Firestarter_FourierTransform_ExtractHarmonic_Point
Firestarter_SignalProcessing_NaNs

Exports

Exports

Mos_Maxwell_InitControlFactory

Sections

.text
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d56298fa901eeae43286acf7d023b3aa

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

ole32

mos.core

api.a

api.d

Exports

Exports

Sections

.text Size: 293KB - Virtual size: 292KB

.itext Size: 1024B - Virtual size: 688B

.data Size: 6KB - Virtual size: 5KB

.bss Size: - Virtual size: 28KB

.idata Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 97B

.reloc Size: 28KB - Virtual size: 27KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 293KB - Virtual size: 292KB

.itext
Size: 1024B - Virtual size: 688B

.data
Size: 6KB - Virtual size: 5KB

.bss
Size: - Virtual size: 28KB

.idata
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 97B

.reloc
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 40KB - Virtual size: 40KB