0f91635c2a718d37c6cddf4e7cfc52a0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0f91635c2a718d37c6cddf4e7cfc52a0N.exe
Size

3.5MB
MD5

0f91635c2a718d37c6cddf4e7cfc52a0
SHA1

4b364881c882d8ac1108ccc2fd03e620f7e7b40b
SHA256

6012a9cbb33bdb137cd009cc3e146826cf004a156c9376ed6974a523dcaf6d67
SHA512

5189df30bf475c06c5fa02dc187a0d1136b434d4d37ff455b7d59d92fe170be1a2b521c9bd040c7c80abdb8a149e5d3dcb8e8aa6911aff028379b9f19df30699
SSDEEP

49152:X9OoBaW3Z6Geddu1p6eUVlbvpLzPj54OyemWdYOxO4h:X9OoBaWp6nWUJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f91635c2a718d37c6cddf4e7cfc52a0N.exe

Files

0f91635c2a718d37c6cddf4e7cfc52a0N.exe
.exe windows:6 windows x86 arch:x86

75a4f886a6ea85f43d49cc2e9e383ea5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\andrew.story\Downloads\autotranslate\Engine\Windows\Debug\autotranslate.vivremotion.pdb

Imports

ws2_32

accept
bind
closesocket
freeaddrinfo
getaddrinfo
WSAAddressToStringW
WSASocketW
WSASend
WSARecv
WSAIoctl
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
shutdown
setsockopt
select
ntohs
ntohl
listen
htons
htonl
getsockopt
getsockname
getpeername
ioctlsocket
connect
__WSAFDIsSet

wininet

InternetCloseHandle
InternetConnectA
InternetReadFile
InternetSetCookieA
HttpQueryInfoW
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetSetOptionA
InternetQueryOptionW
InternetQueryOptionA
InternetOpenA

urlmon

FindMimeFromData

kernel32

SleepConditionVariableCS
CreateFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
OutputDebugStringW
HeapQueryInformation
HeapSize
HeapReAlloc
GetCurrentThread
GetCommandLineW
GetCommandLineA
WriteFile
ExitProcess
SetConsoleCtrlHandler
WriteConsoleW
GetFileType
GetStdHandle
FreeLibraryAndExitThread
ResumeThread
ExitThread
VerSetConditionMask
CloseHandle
GetLastError
SetLastError
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
WaitForSingleObject
SleepEx
CreateEventW
SetWaitableTimer
Sleep
WaitForMultipleObjects
CreateWaitableTimerW
QueueUserAPC
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleA
GetProcAddress
LocalFree
FormatMessageA
VerifyVersionInfoW
WideCharToMultiByte
GetModuleFileNameA
CreateProcessA
CreateThread
GetExitCodeThread
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
GetCurrentThreadId
MultiByteToWideChar
SetFileInformationByHandle
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SetEndOfFile
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetModuleHandleW
GetFileInformationByHandleEx
CreateSymbolicLinkW
EncodePointer
DecodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
RaiseException
GetCurrentProcessId
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetModuleHandleExW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetModuleFileNameW
LoadLibraryExW
HeapValidate
GetSystemInfo

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 429KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75a4f886a6ea85f43d49cc2e9e383ea5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

wininet

urlmon

kernel32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 429KB - Virtual size: 428KB

.data Size: 28KB - Virtual size: 35KB

.idata Size: 6KB - Virtual size: 6KB

.msvcjmc Size: 2KB - Virtual size: 1KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 265B

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 101KB - Virtual size: 100KB

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 429KB - Virtual size: 428KB

.data
Size: 28KB - Virtual size: 35KB

.idata
Size: 6KB - Virtual size: 6KB

.msvcjmc
Size: 2KB - Virtual size: 1KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 265B

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 101KB - Virtual size: 100KB