8f7a25d58b4eb63d1c766ad9d1b6fe50N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8f7a25d58b4eb63d1c766ad9d1b6fe50N.exe
Size

82KB
MD5

8f7a25d58b4eb63d1c766ad9d1b6fe50
SHA1

25455d63eb8dc0672aeb2badb8da5bd1a1552d55
SHA256

617649f975328098ca14f14772787889000df2d5d7d83cbde679a8d9cad36e04
SHA512

449b3da7cc38d2566dc253c3a4b784157a327a8cb0f1dc9f84ff17ac72fae0e33076d6aedfa871563b4d52a24fc5b684940f2af97cb827c97bd3a2a1e56ab2de
SSDEEP

1536:2TeyClDJLu141jJEpJgehL5TeOa4Gvaq+GPmP33UJAFJWyGlMGdlNRH9/:2qDs14T0Kvn0kAFUWGdlDH9/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f7a25d58b4eb63d1c766ad9d1b6fe50N.exe

Files

8f7a25d58b4eb63d1c766ad9d1b6fe50N.exe
.exe windows:6 windows x86 arch:x86

fafa5acc6e2e1f53b80066b2497fc089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

pvk2pfx.pdb

Imports

advapi32

CryptDestroyHash
CryptDestroyKey
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptImportKey
CryptReleaseContext
CryptAcquireContextW
CryptGetProvParam

kernel32

GetModuleHandleW
HeapSetInformation
GetProcessHeap
Sleep
CreateFileW
GetFileSize
CloseHandle
GetConsoleWindow
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
WriteFile
ReadFile
GetLastError
LocalFree
LocalAlloc
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange

msvcrt

__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_controlfp
?terminate@@YAXXZ
fprintf
_wcsicmp
memset
_iob
vfwprintf
_vsnwprintf

user32

EndDialog
GetWindowLongW
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
SetWindowLongW
LoadStringW
DialogBoxParamW

crypt32

CertCloseStore
CertSetCertificateContextProperty
CertComparePublicKeyInfo
CryptExportPublicKeyInfo
CertOIDToAlgId
CertEnumCertificatesInStore
CertOpenStore
PFXExportCertStoreEx
CertFreeCertificateContext

cryptui

CryptUIWizExport

rpcrt4

UuidCreate

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fafa5acc6e2e1f53b80066b2497fc089

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

user32

crypt32

cryptui

rpcrt4

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 65KB - Virtual size: 68KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 65KB - Virtual size: 68KB