d4eb068af1ccf724754e3792a9be2bfa19a004a0465bb56565445f188ed202b6N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

d4eb068af1ccf724754e3792a9be2bfa19a004a0465bb56565445f188ed202b6N.exe
Size

176KB
MD5

077301c2296d43620fdf4b88f3fc73c0
SHA1

3d8617f958ec95a299dc2d61287d822035306362
SHA256

d4eb068af1ccf724754e3792a9be2bfa19a004a0465bb56565445f188ed202b6
SHA512

98dc6dcaabe8376c23d520fe10fd3797ad6af1ca652f8034df3f3af1d74240e8031fa1b80fdf860b541a1c75a60690b46b2bd326e4493b25afe56e7980aabd90
SSDEEP

3072:M+iDZVCmbSn7iylnmtyqKGArtksxgyU14pn9IK7GGGGGGGGGGGGGGGGGl1m9rpUR:MTb27Q3cbem9rpUraIcHykF6G2xWIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4eb068af1ccf724754e3792a9be2bfa19a004a0465bb56565445f188ed202b6N.exe

Files

d4eb068af1ccf724754e3792a9be2bfa19a004a0465bb56565445f188ed202b6N.exe
.exe windows:4 windows x86 arch:x86

180075f02f8de1265062d64682fc3348

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
lstrlenA
lstrcpyA
FindClose
FindFirstFileA
SetCurrentDirectoryA
RemoveDirectoryA
CloseHandle
WaitForSingleObject
CreateProcessA
GetLastError
CopyFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
IsBadStringPtrA
DeleteFileA
SetEndOfFile
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
CreateFileA
FlushFileBuffers
SetStdHandle
SetUnhandledExceptionFilter
LCMapStringW
lstrcpynA
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
IsBadWritePtr
WideCharToMultiByte
LocalFree
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
PeekNamedPipe
ReadFile
CreatePipe
GetTempPathA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
VirtualAlloc
MultiByteToWideChar
LCMapStringA

user32

wsprintfA
MessageBoxA

shlwapi

PathFileExistsA
PathStripPathA
StrDupA
PathStripToRootA
PathIsUNCA
PathAddBackslashA
PathIsDirectoryA
PathRemoveFileSpecA
PathAppendA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

180075f02f8de1265062d64682fc3348

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shell32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 24KB - Virtual size: 23KB

.rrdata Size: 80KB - Virtual size: 80KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 24KB - Virtual size: 23KB

.rrdata
Size: 80KB - Virtual size: 80KB