ac74aeee1fbf323ad871323e5f48e2cd71a1c66ff2b190f6aebb12ec1ad9e600N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ac74aeee1fbf323ad871323e5f48e2cd71a1c66ff2b190f6aebb12ec1ad9e600N.exe
Size

428KB
MD5

2756a8572321ca2f8c1828652e5ce390
SHA1

b7a5b8137575f57b102a4d6e111ee8838382b5df
SHA256

ac74aeee1fbf323ad871323e5f48e2cd71a1c66ff2b190f6aebb12ec1ad9e600
SHA512

5e9f700be595a8d615e40335d03e23ea618a9941c1881963e79e22fe9962f5bce1c8207fff81733c52a07597c6367b2ef028068047eeee7e31c71db2c281a7ac
SSDEEP

6144:XaTvM7ShqOEgFmXn594tHllr4vpZPHouzbgwuO0RFZKnlVMwVfG:XaTE7fKFE5WtH/4vPIunnwRFZ4l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac74aeee1fbf323ad871323e5f48e2cd71a1c66ff2b190f6aebb12ec1ad9e600N.exe

Files

ac74aeee1fbf323ad871323e5f48e2cd71a1c66ff2b190f6aebb12ec1ad9e600N.exe
.exe windows:5 windows x86 arch:x86

2bd126df02096c6e6cf7269fdfee603d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\zakezabi\mixo_t.pdb

Imports

kernel32

FindFirstChangeNotificationW
WriteConsoleOutputCharacterW
SetMailslotInfo
GetConsoleAliasesLengthA
GetConsoleTitleA
LoadLibraryW
InterlockedPopEntrySList
LeaveCriticalSection
GetBinaryTypeA
GetModuleFileNameW
lstrlenW
CreateDirectoryA
GetConsoleAliasesW
GetStdHandle
GetCPInfoExW
GetLastError
UnregisterWait
MoveFileW
WriteProfileSectionA
LoadLibraryA
WriteConsoleA
LocalAlloc
SetCalendarInfoW
SetProcessWorkingSetSize
SetConsoleWindowInfo
GetModuleFileNameA
GetModuleHandleA
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
LocalFree
FillConsoleOutputCharacterA
WriteConsoleW
HeapSize
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
MultiByteToWideChar
ReadFile
LCMapStringW
GetStringTypeW
CreateFileW

winhttp

WinHttpCloseHandle

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bd126df02096c6e6cf7269fdfee603d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

winhttp

Sections

.text Size: 273KB - Virtual size: 273KB

.data Size: 32KB - Virtual size: 295KB

.rsrc Size: 122KB - Virtual size: 121KB

.text
Size: 273KB - Virtual size: 273KB

.data
Size: 32KB - Virtual size: 295KB

.rsrc
Size: 122KB - Virtual size: 121KB