a6e9ff0ac5802746d0033499a2ea05c0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a6e9ff0ac5802746d0033499a2ea05c0N.exe
Size

536KB
MD5

a6e9ff0ac5802746d0033499a2ea05c0
SHA1

8f5549e1830bcfffcd0c48f92ab42a4842165305
SHA256

e28f4be9b30b89b1ecdb67ffaa7f8e5bef97721d3987dc15d0c50b12492d8441
SHA512

28526dae0f04bade085b7a454847adef7f4188c6a1f3e0121153f46eafeb1d10c1174dad43f3244685e94ab447083941212563126ce0ab8cdd8ef89f0710424d
SSDEEP

12288:DuONeZuOSMY3ob+Pxe8SgUEREOJt1c4tyV:KOyk3xe8Sj+EafO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6e9ff0ac5802746d0033499a2ea05c0N.exe

Files

a6e9ff0ac5802746d0033499a2ea05c0N.exe
.exe windows:5 windows x86 arch:x86

a8e039f6ffeb05815a04e81d73607108

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\mipu\dowi gudavidafi\riy\hex\miwe\dewaceg\puzic bah.pdb

Imports

kernel32

GetFileSize
GlobalDeleteAtom
SetFilePointer
lstrlenA
TlsGetValue
GetConsoleAliasExesA
SetLocalTime
CommConfigDialogA
FreeLibrary
InterlockedDecrement
SetFirmwareEnvironmentVariableA
CreateDirectoryW
GetComputerNameW
SetTapeParameters
GetProcessPriorityBoost
GetTickCount
CreateNamedPipeW
GetConsoleAliasesLengthA
GetPrivateProfileStringW
WriteFile
FindActCtxSectionStringA
EnumTimeFormatsW
CreateDirectoryExW
ActivateActCtx
GlobalAlloc
GetSystemDirectoryW
LoadLibraryW
GetConsoleMode
SetCommConfig
_hread
GetSystemWow64DirectoryW
SetSystemTimeAdjustment
GetSystemWindowsDirectoryA
GetVersionExW
GlobalFlags
ReadFile
GetBinaryTypeW
GetOverlappedResult
CompareStringW
ExitThread
SetConsoleTitleA
GlobalUnlock
DeactivateActCtx
GetNamedPipeHandleStateW
VerifyVersionInfoW
ReleaseActCtx
GetStartupInfoA
GetCurrentDirectoryW
ReadConsoleOutputCharacterA
GetProcessHeaps
GetComputerNameExW
SetStdHandle
FreeUserPhysicalPages
SetComputerNameA
VerLanguageNameW
GetAtomNameA
LoadLibraryA
Process32FirstW
CreateSemaphoreW
SetCalendarInfoW
SetConsoleCtrlHandler
SetCurrentDirectoryW
WriteProfileSectionW
VirtualLock
SetConsoleWindowInfo
FindAtomA
WriteProfileStringA
QueryMemoryResourceNotification
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetCPInfoExA
SetProcessShutdownParameters
_lopen
TlsAlloc
GetWindowsDirectoryW
GetVersion
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
GetProfileSectionW
LCMapStringW
CopyFileExA
DeleteFileA
FlushFileBuffers
GetLastError
WideCharToMultiByte
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedIncrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetProcAddress
GetModuleHandleW
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
RtlUnwind
MultiByteToWideChar
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle

user32

GetMenuInfo
GetListBoxInfo

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8e039f6ffeb05815a04e81d73607108

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 322KB - Virtual size: 345KB

.rsrc Size: 52KB - Virtual size: 64KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 322KB - Virtual size: 345KB

.rsrc
Size: 52KB - Virtual size: 64KB

.reloc
Size: 14KB - Virtual size: 14KB