298b615f97b36d6b46a664b2df69c730N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

298b615f97b36d6b46a664b2df69c730N.exe
Size

494KB
MD5

298b615f97b36d6b46a664b2df69c730
SHA1

5588d15c5d6b4b4b34d6a2fdd3010c9401559b53
SHA256

2ea8cea35b0ea91fabe87a7969b57c824e972b4734b167af69843c284248b4ad
SHA512

e42222f9898c40c12e8c14cff688a7cf111abcf9528cc3ef86dfa100a574bcdd7b98c13e8076f88216f66bc0663287e26c95970cb4e895105abbbf113073a4e4
SSDEEP

12288:PXyzmAnZNMql8BxUPJBAmGnd52ZWDj/wEP4vA3/AJZ:AnZNzl8qFGd5WW/pf/Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
298b615f97b36d6b46a664b2df69c730N.exe

Files

298b615f97b36d6b46a664b2df69c730N.exe
.exe windows:5 windows x86 arch:x86

1bb35130bb9ab92ddb1392513d1c27c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xebavukeboca gikalacilufeyufetudi83 mano.pdb

Imports

kernel32

ExitProcess
GetCommandLineW
FileTimeToDosDateTime
GetTempFileNameW
GetPrivateProfileSectionNamesW
GlobalFix
SetProcessAffinityMask
CreateMutexW
SearchPathW
lstrlenA
CopyFileExW
SetLocalTime
GetDriveTypeW
DebugActiveProcessStop
SetEndOfFile
BuildCommDCBAndTimeoutsA
CallNamedPipeA
LoadResource
DeleteVolumeMountPointA
SetUnhandledExceptionFilter
ScrollConsoleScreenBufferW
SetConsoleActiveScreenBuffer
GetProfileStringW
GetProfileSectionA
WaitForSingleObject
AddConsoleAliasW
FlushConsoleInputBuffer
OpenSemaphoreA
SetTapeParameters
GetProcessPriorityBoost
GetModuleHandleW
CreateNamedPipeW
IsBadReadPtr
EnumTimeFormatsW
SetProcessPriorityBoost
TlsSetValue
LoadLibraryW
Sleep
SizeofResource
SetSystemTimeAdjustment
HeapDestroy
GlobalFlags
SetConsoleMode
GetFileAttributesW
GetBinaryTypeA
SetSystemPowerState
FileTimeToSystemTime
GetConsoleFontSize
GetOverlappedResult
DisconnectNamedPipe
DeactivateActCtx
CreateJobObjectA
InterlockedExchange
SetCurrentDirectoryA
GetStdHandle
FreeLibraryAndExitThread
OpenMutexW
GetHandleInformation
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
SetVolumeLabelW
LocalLock
MoveFileW
CopyFileA
GetConsoleDisplayMode
SetComputerNameA
OpenWaitableTimerA
OpenThread
WriteConsoleA
LocalAlloc
IsSystemResumeAutomatic
SetConsoleOutputCP
SetFileApisToANSI
GetCommMask
GetPrivateProfileStructA
SetSystemTime
GetOEMCP
GetDefaultCommConfigA
WriteProfileStringA
SetConsoleCursorInfo
GetVolumeInformationW
lstrcpyA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
DeleteFileA
GetCommandLineA
GetStartupInfoA
HeapValidate
RaiseException
UnhandledExceptionFilter
RtlUnwind
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetACP
GetCPInfo
IsValidCodePage
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetModuleHandleA
LoadLibraryA
SetStdHandle
GetConsoleOutputCP
ReadFile
CloseHandle
CreateFileA

user32

GetComboBoxInfo
GetCursorInfo

Exports

Exports

_getArchiveInfo@8
_go@4

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 195KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bb35130bb9ab92ddb1392513d1c27c4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 195KB - Virtual size: 4.1MB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 70KB - Virtual size: 70KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 195KB - Virtual size: 4.1MB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 70KB - Virtual size: 70KB