a934f150c18c8febf312337b84ce29f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a934f150c18c8febf312337b84ce29f0N.exe
Size

2.7MB
MD5

a934f150c18c8febf312337b84ce29f0
SHA1

00620177fe62560f6d59fdc1817a7e11ce9f3794
SHA256

4ec1aa01abcb9d47387af499fc46b74317dd945ea6069cfb453808776785c3d4
SHA512

f77791810e779fccb98bf6f208e913e28213607aa4984086975cc007b7045b30a86535a242bafbfe03325d3748bb00de2c75ce99a84b4f5fdbee43a3a20cd398
SSDEEP

49152:ZkLCQy7n/sDXccKs+jkV0ePnofIYI8RbiLX4exEvXvgu:6Ab/sDXcPKPofokbiLoQEv/g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a934f150c18c8febf312337b84ce29f0N.exe

Files

a934f150c18c8febf312337b84ce29f0N.exe
.dll windows:5 windows x86 arch:x86

337d7109cd6cbfd0977e314900eac0de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetAsyncKeyState
GetKeyboardLayoutNameA

oleaut32

SysStringLen

shlwapi

SHGetValueA
StrRChrW
PathGetDriveNumberA

netapi32

NetApiBufferReallocate

gdi32

Pie
CopyMetaFileW

mprapi

MprAdminMIBEntryGetFirst
MprAdminUserGetInfo

rpcrt4

RpcBindingReset
RpcEpRegisterW

kernel32

GetNamedPipeHandleStateA
GetModuleHandleW
SetProcessAffinityMask
GetFileTime
GetLogicalDrives
TerminateJobObject

Exports

Exports

EenohaaieciOoossuenh

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 4KB - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fWps
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

X
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m7U|F
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LlZkfrt
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

337d7109cd6cbfd0977e314900eac0de

Headers

File Characteristics

Imports

user32

oleaut32

shlwapi

netapi32

gdi32

mprapi

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.CRT Size: 4KB - Virtual size: 454B

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 384KB - Virtual size: 384KB

.crt0 Size: 36KB - Virtual size: 33KB

fWps Size: 60KB - Virtual size: 57KB

X Size: 244KB - Virtual size: 240KB

m7U|F Size: 1.7MB - Virtual size: 1.7MB

LlZkfrt Size: 96KB - Virtual size: 92KB

.rsrc Size: 4KB - Virtual size: 1008B

.reloc Size: 104KB - Virtual size: 100KB

.text
Size: 12KB - Virtual size: 8KB

.CRT
Size: 4KB - Virtual size: 454B

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 384KB - Virtual size: 384KB

.crt0
Size: 36KB - Virtual size: 33KB

fWps
Size: 60KB - Virtual size: 57KB

X
Size: 244KB - Virtual size: 240KB

m7U|F
Size: 1.7MB - Virtual size: 1.7MB

LlZkfrt
Size: 96KB - Virtual size: 92KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 104KB - Virtual size: 100KB