a760cd45ef05a925129f4c9d9a267710N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a760cd45ef05a925129f4c9d9a267710N.exe
Size

23KB
MD5

a760cd45ef05a925129f4c9d9a267710
SHA1

fa648b30d8fc07c828bc77b8e8eaa00eee283b65
SHA256

9c4d873fff4498c73da02fb309c745c7326b91794a633ece3977e3ce1ad1d360
SHA512

47168cd502c41ea2c4fb8565e16d3ce4702d382fc9e7ee329f5ad3c9b6207273f83b8b2e2d3f5e2bcc47ea56d866766c6b33a3773aae7b078868c7fec33e3e02
SSDEEP

384:kSm0ks2EGgZYMq2rBqp0duj8rS+RecWLON3Y/UuVPbJokLtD/9V:Lm0H2EHYMPrBndujYrRecWLON3Y/UuV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a760cd45ef05a925129f4c9d9a267710N.exe

Files

a760cd45ef05a925129f4c9d9a267710N.exe
.dll windows:4 windows x86 arch:x86

756eb220aeb9ec4ee12b8a5199960ac4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
GetLastError
CloseHandle
CreateThread
WritePrivateProfileStringA
WriteFile
CreateFileA
GetLocalTime
Sleep
GetTickCount
GetPrivateProfileStringA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ws2_32

ntohs
ntohl

msvcp60

??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??1_Lockit@std@@QAE@XZ

msvcrt

strstr
??2@YAPAXI@Z
_access
sprintf
memset
strcpy
memcpy
sscanf
strncpy
strlen
__CxxFrameHandler
rand
srand
time
_mkdir
rename
_stricmp
strcat
memcmp
fread
ftell
fseek
fopen
fclose
atol
strchr
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

756eb220aeb9ec4ee12b8a5199960ac4

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 884B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 884B

.reloc
Size: 1KB - Virtual size: 1KB