cc88aa620c1f8b54e4dab2553bf2de40N[.]exe

General

Target

cc88aa620c1f8b54e4dab2553bf2de40N.exe
Size

43KB
MD5

cc88aa620c1f8b54e4dab2553bf2de40
SHA1

ee87cced8bb08277dd5f1d5f51ff2223a49004da
SHA256

c39c86beab1fbc8061eb1504f7cf1ec221402106285092738069a7c7e9624fa9
SHA512

0985df3ca2b27b6ff6e8538c3be1cf53909be6ea0ef39fd532dc873a5bd5bed317a7526d6833ca056996425e99e0cb6852449e5b0be64788ea328611d63fcde0
SSDEEP

768:UcfV+xaqOny0uzePNF5/Oz+/jvRY7kcZZxUCdVa7KM/p0:rfVSOnygNTOy/jvRY7NZbUAaFp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc88aa620c1f8b54e4dab2553bf2de40N.exe

Files

cc88aa620c1f8b54e4dab2553bf2de40N.exe
.exe windows:6 windows x86 arch:x86

f64f437982c9d905ccf4b07559bd60be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mnybbsvc.pdb

Imports

kernel32

HeapSetInformation
GetProcessHeap
CloseHandle
GetModuleFileNameW
GetLastError
CreateProcessW
CreateMutexW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetStartupInfoA

msvcr80

_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_CxxThrowException
_wsplitpath
memset
_decode_pointer

user32

PostQuitMessage
DefWindowProcW
CreateWindowExW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
SetForegroundWindow
GetCursorPos
RegisterClassExW
SetTimer
KillTimer
FindWindowW
TrackPopupMenu

shlwapi

PathQuoteSpacesW

utlsrf08

MakePathW
HEAPFree
PvHEAPAllocate_
StringCopyW
HrRegistryLoadDwordW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f64f437982c9d905ccf4b07559bd60be

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr80

user32

shlwapi

utlsrf08

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 972B

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 972B

.rsrc
Size: 33KB - Virtual size: 32KB