1a21e586b326d4de144db2856b7052c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1a21e586b326d4de144db2856b7052c0N.exe
Size

89KB
MD5

1a21e586b326d4de144db2856b7052c0
SHA1

f0a1703688657a6838eb89946e1dcb8a232812ca
SHA256

21d7614d2aed76d06ba02d000a85517cf71fb7fe38a195070468e60e77c55815
SHA512

422dfd22f2577a1793c79374ddfa1ede4b1fb51ce5cdc501b381b0197e4b60fc45c6b99c37c05e6a0414725629402fc1c29f8a3ef0f9c7eabe7012150bd01a8f
SSDEEP

1536:kIUJrQ1FPEmh9r+P5zXP1w1rSfyD2M1CXi2iTL2Hsu0BApWlecbwtJihEQZ5S3hB:kIoQ1qmh9YHsrSs2M1CXi2iTL2Axecbs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a21e586b326d4de144db2856b7052c0N.exe

Files

1a21e586b326d4de144db2856b7052c0N.exe
.dll windows:6 windows x86 arch:x86

bce6cb8176b668cdcb2d40cc40633f64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

abort
terminate

api-ms-win-crt-heap-l1-1-0

_free_base
malloc
free
_calloc_base
_malloc_base

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-convert-l1-1-0

atol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

advapi32

SystemFunction036

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
TlsFree
TlsSetValue
LoadLibraryExW
QueryPerformanceCounter
DeleteCriticalSection
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetLastError
InitializeCriticalSectionAndSpinCount
GetProcAddress
TlsAlloc
TlsGetValue
FreeLibrary

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bce6cb8176b668cdcb2d40cc40633f64

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

advapi32

kernel32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

_RDATA Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

_RDATA
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 3KB - Virtual size: 2KB