381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N[.]exe

General

Target

381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N.exe
Size

195KB
MD5

cedb60895a10252742060e1e99a38070
SHA1

3be121ff592a7479b5019ec92c351691bb3ffd12
SHA256

381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502
SHA512

d0d3963913e27d7fb9ad1206a3564fb504d32cececfb3faf42b6556eb747ab5ddcbc808fb093932305342f9caf4daedfa1b2b4e0482a1dac0442a482bdfbfb2b
SSDEEP

3072:nrjhsOwbilBFoGKiZsEe+4k+ua41XUD1UtKVYLYgs+wdylBvoVLMvIzrHbxWCI:D2wZsjb36XUmsVY/lVoqwzrsr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N.exe

Files

381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N.exe
.exe windows:4 windows x86 arch:x86

95d382f3b03799db28111fc8d3a6fa82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetTempPathA
SetFileAttributesA
MultiByteToWideChar
lstrlenA
LocalFree
SetPriorityClass
CloseHandle
GetTempFileNameW
GetCurrentDirectoryW
FreeLibrary
DeleteFileW
GetFileAttributesW
LocalAlloc
CreateFileA
SetFileAttributesW
GetModuleFileNameW
GetExitCodeThread
WideCharToMultiByte
lstrcmpA
EnumResourceTypesW
SetCurrentDirectoryW
FindClose
GetVersionExA
GetModuleFileNameA
CopyFileA
FindNextFileW
GetLastError
GetFileAttributesA
DisableThreadLibraryCalls
FindNextFileA
ReadFile
GetPrivateProfileStringW
InterlockedDecrement
CreateDirectoryA
GetTempPathW
WaitForSingleObject
GetFileSize
DeleteFileA
FindFirstFileW
SetErrorMode
GetTempFileNameA

ole32

CoMarshalHresult
CoCreateInstance
CoRegisterClassObject
CoTaskMemFree
CreateItemMoniker
StringFromGUID2
CoRevokeClassObject
CoInitializeEx
GetRunningObjectTable
CoFreeUnusedLibraries
StringFromCLSID
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemAlloc

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95d382f3b03799db28111fc8d3a6fa82

Headers

File Characteristics

Imports

kernel32

ole32

gdiplus

Sections

.text Size: 122KB - Virtual size: 121KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 248KB

.text
Size: 122KB - Virtual size: 121KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 248KB