5d91391caa4520c281f6b5cab65914417fed0445d836067c7f70c77795417af6N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5d91391caa4520c281f6b5cab65914417fed0445d836067c7f70c77795417af6N.exe
Size

4.4MB
MD5

400fba5ba55de726ed484ba680e74500
SHA1

47162d96f3a19e579cec5413fb88246a9a3a8c06
SHA256

5d91391caa4520c281f6b5cab65914417fed0445d836067c7f70c77795417af6
SHA512

6dca212c62a9a40d11859ba0636ce4ba7e4ad540a034f1caf3c145cd676c89e7179329abbb965e06bde1a8d3d2294a025e9ac56c35e7ba38b41cb981249e0d9c
SSDEEP

98304:74AqGkgAo0Gkuv0VrN2OVDv4j24lilj1qn:74vlPqsrNAi9Un

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d91391caa4520c281f6b5cab65914417fed0445d836067c7f70c77795417af6N.exe

Files

5d91391caa4520c281f6b5cab65914417fed0445d836067c7f70c77795417af6N.exe
.exe windows:5 windows x86 arch:x86

444a63419f2dc4d9905ad6a923b878cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\personal\nhdev\366\official\binary\NetHack.PDB

Imports

kernel32

GlobalFree
MultiByteToWideChar
GetConsoleOutputCP
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryA
VerifyVersionInfoW
GetStdHandle
Beep
CloseHandle
GetVersion
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
CopyFileA
GlobalLock
FillConsoleOutputAttribute
FlushConsoleInputBuffer
SetConsoleOutputCP
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleCursorPosition
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WriteConsoleOutputAttribute
GetConsoleTitleA
SetConsoleTitleA
GetCurrentConsoleFontEx
SetCurrentConsoleFontEx
GetConsoleWindow
GetModuleFileNameA
GetCurrentProcessId
GlobalUnlock
GlobalAlloc
Sleep
OutputDebugStringA
DebugBreak
GetDiskFreeSpaceA
FindNextFileA
FindFirstFileA
FillConsoleOutputCharacterA
FindClose
IsDebuggerPresent
SetConsoleCtrlHandler
CreateDirectoryA
GetFileSizeEx
GetFileAttributesExW
SetEndOfFile
DeleteFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapQueryInformation
HeapSize
HeapReAlloc
GetTimeZoneInformation
MoveFileExW
GetTickCount
GetConsoleCursorInfo
SetConsoleCursorInfo
WriteConsoleA
WriteConsoleOutputA
GetFileType
DuplicateHandle
SetUnhandledExceptionFilter
GetCurrentProcess
OpenProcess
MapViewOfFile
UnmapViewOfFile
GetModuleHandleA
CreateFileMappingA
CreateConsoleScreenBuffer
SetConsoleActiveScreenBuffer
GetLargestConsoleWindowSize
SetConsoleTextAttribute
SetConsoleWindowInfo
GetNumberOfConsoleInputEvents
PeekConsoleInputA
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
RaiseException
WideCharToMultiByte
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
RtlUnwind
GetModuleFileNameW
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
WriteFile
OutputDebugStringW
WriteConsoleW
ExitProcess
GetModuleHandleExW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetConsoleCP
ReadFile
HeapValidate
GetSystemInfo
QueryPerformanceFrequency
GetCommandLineA
GetCommandLineW
SetFilePointerEx
ReadConsoleW
GetCurrentThread
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFullPathNameW
SetStdHandle
ReadConsoleInputW
FlushFileBuffers

advapi32

RegCloseKey
RegQueryValueExA
GetUserNameA
RegQueryValueExW
RegOpenKeyExA

gdi32

GetCharABCWidthsW
GetCharWidthW
EnumFontFamiliesExW
DeleteObject
CreateFontIndirectW
SelectObject
GetFontUnicodeRanges
GetTextMetricsA

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath

user32

GetWindowThreadProcessId
FindWindowA
SendMessageA
wsprintfA
GetKeyboardLayout
GetMonitorInfoA
MapVirtualKeyA
ReleaseDC
GetDC
EmptyClipboard
SetClipboardData
GetClipboardData
OpenClipboard
GetKeyState
MonitorFromWindow
MessageBeep
CloseClipboard

winmm

sndPlaySoundA

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGenRandom

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 521KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.itext
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

444a63419f2dc4d9905ad6a923b878cf

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

gdi32

ole32

shell32

user32

winmm

bcrypt

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 521KB - Virtual size: 521KB

.data Size: 88KB - Virtual size: 226KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 214KB - Virtual size: 213KB

.itext Size: 202KB - Virtual size: 201KB

.idata Size: 512B - Virtual size: 3KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 521KB - Virtual size: 521KB

.data
Size: 88KB - Virtual size: 226KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 214KB - Virtual size: 213KB

.itext
Size: 202KB - Virtual size: 201KB

.idata
Size: 512B - Virtual size: 3KB