562de5d1952d2854a755f1992c05f98c78e89bdcfa2bdc1b178602bc3ee81dd4N[.]exe

General

Target

562de5d1952d2854a755f1992c05f98c78e89bdcfa2bdc1b178602bc3ee81dd4N.exe
Size

236KB
MD5

3f18f929437e24444e48787e7ef1d770
SHA1

0e114003082d934a49304d05ea8a4bceb30e11ba
SHA256

562de5d1952d2854a755f1992c05f98c78e89bdcfa2bdc1b178602bc3ee81dd4
SHA512

6681d7b809b1407db69ff3540d51558a3d13956359cc05bd5ed0a94f4a28e486a070e8ac869a5f316d461438ab83fec7a9cf9bc2f28358ae0190ebc3a27e6f97
SSDEEP

6144:0P/Vt2NLKvMpMyVkk/EhdBV+UdvrEFp7hKOr:0P/Vt2NLKEpMy6CEhdBjvrEH7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
562de5d1952d2854a755f1992c05f98c78e89bdcfa2bdc1b178602bc3ee81dd4N.exe

Files

562de5d1952d2854a755f1992c05f98c78e89bdcfa2bdc1b178602bc3ee81dd4N.exe
.dll windows:4 windows x86 arch:x86

4eff41a005fb149247033c4b1aa53f8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

user32

PostMessageA
IsWindow
RegisterWindowMessageA

msvcr80

memset
isupper
isalpha
memmove
fputs
fprintf
_chdrive
toupper
atoi
strtok
fclose
fread
ftell
fseek
fopen
memcpy
realloc
__iob_func
_tempnam
remove
_setjmp3
_CIpow
tolower
vfprintf
strncmp
fgetc
sscanf
fwrite
vprintf
fflush
fsetpos
fgets
fgetpos
feof
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
strtol
sprintf
isdigit
malloc
free
longjmp
strrchr
strchr
_access
_chdir
_stricmp
isspace
_strdup

Exports

Exports

Compile
pc_addconstant
pc_addtag
pc_compile
pc_enablewarning

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4eff41a005fb149247033c4b1aa53f8e

Headers

File Characteristics

Imports

kernel32

user32

msvcr80

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 12KB - Virtual size: 8KB