3ac8c19c5ebeb847f9040f7a03243fa1ea6211a302322d1e4596c1b3aec35703N[.]exe

General

Target

3ac8c19c5ebeb847f9040f7a03243fa1ea6211a302322d1e4596c1b3aec35703N.exe
Size

283KB
MD5

21b07c6d29ca93d1f74df946f3435690
SHA1

354fc6afd341a607d9c1f9d09bfcb372360ae510
SHA256

3ac8c19c5ebeb847f9040f7a03243fa1ea6211a302322d1e4596c1b3aec35703
SHA512

45d88babd91fd24d7ffdf236f9cd282285ee7d2ed001bef5a245c6722951aceb2da48abc0f2ff5ec8c2aa670e72b26a670ff711b1937196eade9d6dc98fd6bfb
SSDEEP

6144:yT1is4xluxHpFV1IkqcjnGpFLWC8b2FFANZ:yT8x4VivcjnGpFLWC88FANZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac8c19c5ebeb847f9040f7a03243fa1ea6211a302322d1e4596c1b3aec35703N.exe

Files

3ac8c19c5ebeb847f9040f7a03243fa1ea6211a302322d1e4596c1b3aec35703N.exe
.exe windows:4 windows x64 arch:x64

dd67029da6725f24ebc32a2f6cc9e267

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetExitCodeProcess
OutputDebugStringA
CreateProcessA
CloseHandle
WaitForSingleObject
GetStartupInfoA
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapSetInformation
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
VirtualAlloc
HeapReAlloc

winspool.drv

EnumMonitorsA

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd67029da6725f24ebc32a2f6cc9e267

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 65KB - Virtual size: 72KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 159KB - Virtual size: 158KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 65KB - Virtual size: 72KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 159KB - Virtual size: 158KB