f83506d6903053d7cb3a3cf18fad72a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

f83506d6903053d7cb3a3cf18fad72a0N.exe
Size

410KB
MD5

f83506d6903053d7cb3a3cf18fad72a0
SHA1

af0b8a751245d26bc9ad61062dd0366027eff3c1
SHA256

106f4196199e0bef0816cf89fa0f2b489cf633bd37a6524ad4d61015f2dc66b4
SHA512

262bcd4c0878694696b0df25e3749223c476b0b5239a1a0573cf803bb268500dfca58907d9d716690e3bdd7056c6e311cbea292bdf99399b44339e56a75a1510
SSDEEP

6144:L6dHwUpEuVLHBlvl949fsYeQogFuVBcRR8XIYLdsp2w4b+HGTWcPnkuG:L0wUpEAjbv749foQogFaX35w6+nknkV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f83506d6903053d7cb3a3cf18fad72a0N.exe

Files

f83506d6903053d7cb3a3cf18fad72a0N.exe
.exe windows:5 windows x86 arch:x86

6242645906667d4defa0737e0edeb226

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\yukeno\wet xakazivaxosibugori\heforel.pdb

Imports

kernel32

ExitProcess
GetCommandLineW
GetTempFileNameW
GetPrivateProfileSectionNamesW
GlobalFix
SearchPathW
CopyFileExW
GetDriveTypeW
DebugActiveProcessStop
SetEndOfFile
BuildCommDCBAndTimeoutsA
CallNamedPipeA
SystemTimeToTzSpecificLocalTime
DeleteVolumeMountPointA
ScrollConsoleScreenBufferW
SetConsoleActiveScreenBuffer
SetHandleInformation
GetProfileStringW
GetProfileSectionA
WaitForSingleObject
SetComputerNameW
FlushConsoleInputBuffer
OpenSemaphoreA
SetTapeParameters
GetProcessPriorityBoost
GetModuleHandleW
CreateNamedPipeW
IsBadReadPtr
EnumTimeFormatsW
TlsSetValue
GlobalAlloc
LoadLibraryW
GetConsoleMode
GetSystemPowerStatus
SizeofResource
GlobalFlags
HeapCreate
GetFileAttributesW
GetBinaryTypeA
GetTimeZoneInformation
GetConsoleFontSize
GetOverlappedResult
lstrlenW
DisconnectNamedPipe
RaiseException
DeactivateActCtx
CreateJobObjectA
FreeLibraryAndExitThread
OpenMutexW
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
SetVolumeLabelW
LocalLock
MoveFileW
CopyFileA
GetConsoleDisplayMode
SetComputerNameA
EnterCriticalSection
OpenWaitableTimerA
GetLocalTime
OpenThread
WriteConsoleA
SetConsoleOutputCP
SetFileApisToANSI
SetCommMask
GetPrivateProfileStructA
GetTapeParameters
WaitForMultipleObjects
SetSystemTime
GetOEMCP
WriteProfileStringA
RequestWakeupLatency
GetConsoleCursorInfo
AddConsoleAliasA
GetVolumeInformationW
lstrcpyA
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MoveFileA
GetStartupInfoW
HeapValidate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetACP
GetCPInfo
IsValidCodePage
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetStdHandle
GetConsoleOutputCP
CloseHandle
CreateFileA

user32

GetCursorInfo

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6242645906667d4defa0737e0edeb226

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 193KB - Virtual size: 249KB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 193KB - Virtual size: 249KB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 49KB - Virtual size: 49KB