a38ae629ba81d1e3091443dbbcb975af23032908ce5c62a963666ba68a303552[.]exe

General

Target

a38ae629ba81d1e3091443dbbcb975af23032908ce5c62a963666ba68a303552.exe
Size

3.5MB
MD5

c4366de305eddf73a65fef6de9a84c1b
SHA1

a6d7ebf4a880b3e596a799fa30d9f9c977b977cf
SHA256

a38ae629ba81d1e3091443dbbcb975af23032908ce5c62a963666ba68a303552
SHA512

1c89c7913ddd8e179c943870bea82ebf69316a77f416e3286605c4e36c39d94f60171dd43ef8e8bcaee2a5bc2300117092b1a13a1e661f38a6ef0e20b208083d
SSDEEP

49152:Blbqeq49IrrUKUQK2THLhWPdVUkLUvqvnqHiUDlcQe3m/:eyQUKUQ/bNWFHYyfBUDJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a38ae629ba81d1e3091443dbbcb975af23032908ce5c62a963666ba68a303552.exe

Files

a38ae629ba81d1e3091443dbbcb975af23032908ce5c62a963666ba68a303552.exe
.dll regsvr32 windows:6 windows x64 arch:x64

0f40f644a3857941cdd7b1cbb706c61c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetLastError
TryEnterCriticalSection
OpenThread
GetFileAttributesA
FindFirstFileA
FindNextFileA
GetTempPathA
GetCurrentThread
CreateFileMappingA
VirtualAlloc
GetCurrentProcess
DuplicateHandle
DeviceIoControl

Exports

Exports

DllRegisterServer
NUJ2u
SoSLhv29

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f40f644a3857941cdd7b1cbb706c61c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rotext Size: 31KB - Virtual size: 30KB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 1.6MB - Virtual size: 1.6MB

.pdata Size: 512B - Virtual size: 300B

.rodata Size: 512B - Virtual size: 144B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 19KB - Virtual size: 18KB

.rotext
Size: 31KB - Virtual size: 30KB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 1.6MB - Virtual size: 1.6MB

.pdata
Size: 512B - Virtual size: 300B

.rodata
Size: 512B - Virtual size: 144B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B