P15Mainexec[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

P15Mainexec.exe
Size

29KB
MD5

178ec6921b1cac08d1be9c9407c77007
SHA1

8488363a2f6ed230f31c8dea925ca68866e96da8
SHA256

94824e91afdbf6b2a618d650f8e11280af605f4bf33c6d17fbfbe6715d84be7e
SHA512

26d1bc05de0ac0dfe870cb968367957b23fafbe45ecfcf6b6e2d0973b7167a369bd064772edcca69c887ff4a6e22dff1d9b2434390a5fc6a6bc62b075f2a680a
SSDEEP

768:Je6bWP/yteUyDV3EUnxj70rwdJ4gzMk4:Jeyq/yt9yD1EUnxkrSGgzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
P15Mainexec.exe

Files

P15Mainexec.exe
.exe windows:6 windows x86 arch:x86

a96b7c64320337e92b66e172676ea109

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\ACER\Downloads\Null's Trojans\Phosphorous\P15Mainexec\Debug\P15Mainexec.pdb

Imports

kernel32

GetCurrentProcess
TerminateProcess
SuspendThread
OpenProcess
DeleteFileW
HeapAlloc
Beep
ExitProcess
GetProcessHeap
CreateProcessW
MoveFileW
GetExitCodeProcess
GetSystemTime
lstrlenW
SetCurrentDirectoryW
GetModuleHandleW
HeapFree
SetLastError
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CreateThread
lstrcmpW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
LoadLibraryW
Sleep
CloseHandle
GetTickCount
GetLastError
CreateFileW
VirtualProtect
WriteFile
GetCurrentThreadId

user32

CreateWindowExW
SetWindowLongW
GetWindowRect
GetWindowLongW
SetWindowPos
FillRect
GetActiveWindow
GetDesktopWindow
GetDC

gdi32

TextOutW
BitBlt
CreateSolidBrush
DeleteObject

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a96b7c64320337e92b66e172676ea109

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 2KB - Virtual size: 2KB

.msvcjmc Size: 512B - Virtual size: 78B

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 1024B - Virtual size: 816B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 2KB - Virtual size: 2KB

.msvcjmc
Size: 512B - Virtual size: 78B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1024B - Virtual size: 816B