d0eafbb6f33d1e4b428ff926e34f1460N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0eafbb6f33d1e4b428ff926e34f1460N.exe
Size

32KB
MD5

d0eafbb6f33d1e4b428ff926e34f1460
SHA1

e3aa9733549f11ebc7b38831424aaa9df273cdaf
SHA256

d23f002d21e6ff9f54a72104580b5866cacdc455bafa175c57f7ceb522477c85
SHA512

4d2782e983167bb3c58db7fc7f730523758a75b1e1b17db20fa89913e8e12772ea71d9fd3765bebe1016327f5c30c0fce0b97ddac1913fba59d67f6c3309c538
SSDEEP

768:SUEDuoh/g9+OMuH5FcE9r4E6KnSSt+KNrHWQPRr:SUCh/g5MsFxqh++Ktr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0eafbb6f33d1e4b428ff926e34f1460N.exe

Files

d0eafbb6f33d1e4b428ff926e34f1460N.exe
.exe windows:3 windows x86 arch:x86

b2f749d0f2df7aed7c4cdcc1fa21d05d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

LookupAccountNameW
EqualSid
GetLengthSid
InitializeAcl
AddAce
GetSecurityDescriptorDacl
GetFileSecurityW
SetFileSecurityW
LookupAccountSidW

kernel32

GetFullPathNameW
GetLastError
LocalAlloc
FindClose
FindFirstFileW
LocalFree
FindNextFileW
FormatMessageA
CloseHandle
FormatMessageW
GetVersion
GetEnvironmentStrings
GetCommandLineA
CompareStringW
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetFileType
GetStartupInfoA
GetProcessHeap
WriteFile
HeapAlloc
HeapFree
WideCharToMultiByte
ReadFile
MultiByteToWideChar
FlushFileBuffers
SetFilePointer
SetStdHandle

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ