554de863ce11900f8d6f97af6eeb207d08a708f092ad9a54ebaf33cc2e27f252N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

554de863ce11900f8d6f97af6eeb207d08a708f092ad9a54ebaf33cc2e27f252N.exe
Size

219KB
MD5

dd3c0d5caa44945b9b9122e86e116020
SHA1

8231510e55caf8301e797d7f29e4c248afdf33c2
SHA256

554de863ce11900f8d6f97af6eeb207d08a708f092ad9a54ebaf33cc2e27f252
SHA512

133f4f89d0cde43b84ff40cd1e69fd1e74a0b466e8a469cf660373c3a15bfa82926f31c0b92d5c432fe84f9eb4baea4ee03999eb35e93228579c80a1249b177b
SSDEEP

3072:x246SUuS6Uti+lnlhlP5AR7jzK6LyT5FAcGt+GxEEX:I4JUcUTblP5ABzwAZt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
554de863ce11900f8d6f97af6eeb207d08a708f092ad9a54ebaf33cc2e27f252N.exe

Files

554de863ce11900f8d6f97af6eeb207d08a708f092ad9a54ebaf33cc2e27f252N.exe
.exe windows:5 windows x86 arch:x86

128efbf4516ad3b3027fe8494b118263

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetLocaleInfoA
InterlockedDecrement
SetDefaultCommConfigW
GetEnvironmentStringsW
InterlockedCompareExchange
GetTimeFormatA
ConnectNamedPipe
GetModuleHandleW
GetConsoleAliasesA
GetCommandLineA
LoadLibraryW
GetProcessHandleCount
GetSystemWindowsDirectoryA
GetConsoleAliasExesLengthW
WriteConsoleOutputA
GetConsoleAliasW
GetVolumePathNameA
GetStringTypeExA
GetShortPathNameA
GetLogicalDriveStringsA
SetThreadContext
GetProcAddress
MoveFileW
OpenWaitableTimerA
WriteConsoleA
LocalAlloc
AddAtomW
OpenJobObjectW
SetCommMask
FindAtomA
GetModuleFileNameA
GetModuleHandleA
BuildCommDCBA
SetCalendarInfoA
SetThreadAffinityMask
OpenFileMappingA
GetSystemTime
CreateFileA
GetNumaNodeProcessorMask
GetLastError
GetComputerNameA
HeapFree
HeapAlloc
HeapReAlloc
Sleep
ExitProcess
GetStartupInfoA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
GetStdHandle
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
GetConsoleOutputCP
WriteConsoleW

user32

GetClassLongA
GetMonitorInfoA

advapi32

DeleteAce
RegCreateKeyA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 38.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hocu
Size: 15KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hes
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.toru
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

128efbf4516ad3b3027fe8494b118263

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 38.2MB

.hocu Size: 15KB - Virtual size: 18KB

.hes Size: 1024B - Virtual size: 1024B

.toru Size: 512B - Virtual size: 12B

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 38.2MB

.hocu
Size: 15KB - Virtual size: 18KB

.hes
Size: 1024B - Virtual size: 1024B

.toru
Size: 512B - Virtual size: 12B

.rsrc
Size: 64KB - Virtual size: 63KB