09ded679c3cc34a5f693510d16c1cb522e9e9d26ec7ff48b1dc9a46502eb1345N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

09ded679c3cc34a5f693510d16c1cb522e9e9d26ec7ff48b1dc9a46502eb1345N.exe
Size

755KB
MD5

3e2f18e9187b944b393458e60263e8d0
SHA1

1101e49cf90fc2296747a91390774fdc9b053f6d
SHA256

09ded679c3cc34a5f693510d16c1cb522e9e9d26ec7ff48b1dc9a46502eb1345
SHA512

7885c281b6fd1ffab56e689f636a4a142d1133d7ff21cfca265006289a8edadc2078627e2bceb4e865d000e4c233d2219f64871da0b112cfa87fbc888cb2aabf
SSDEEP

12288:FhnwBK8tUEMK+hVO4St+/JvbY9FVPluzZFOPNcUng5emptT198gDzy8a4oEF3bj2:FhnwBKKUEMK+bvbYFdufOFc75zj8WJat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ded679c3cc34a5f693510d16c1cb522e9e9d26ec7ff48b1dc9a46502eb1345N.exe

Files

09ded679c3cc34a5f693510d16c1cb522e9e9d26ec7ff48b1dc9a46502eb1345N.exe
.exe windows:5 windows x86 arch:x86

c75ed6a41507e89921afb82ad65b59a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\trunk\CommonPlatform\Helper2345\bin\Win32\Release\pdb\Helper_2345.pdb

Imports

kernel32

CreateProcessW
lstrcmpiW
CloseHandle
GetCurrentProcessId
FindFirstFileW
FindClose
GetModuleHandleW
GetFileAttributesW
ExpandEnvironmentStringsW
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
ReleaseMutex
CreateFileW
GetLongPathNameW
GetFileAttributesExW
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetCurrentThreadId
GetCurrentProcess
QueryDosDeviceW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenW
LocalFree
GetFileSizeEx
DeleteFileW
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
GetTempPathW
MoveFileW
RemoveDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
FindNextFileW
FindResourceW
LoadResource
LockResource
GetLogicalDriveStringsW
GetTickCount
FormatMessageW
GetACP
GlobalMemoryStatusEx
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetExitCodeProcess
WaitForMultipleObjects
GetProcAddress
GetModuleFileNameW
LoadLibraryW
FreeLibrary
GetCommandLineW
WriteConsoleW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EncodePointer
DecodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetTimeZoneInformation
HeapReAlloc
SetEnvironmentVariableA

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW

Sections

.text
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c75ed6a41507e89921afb82ad65b59a5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

Sections

.text Size: 534KB - Virtual size: 534KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 97KB - Virtual size: 100KB

.text
Size: 534KB - Virtual size: 534KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 97KB - Virtual size: 100KB