dc7f7ab4d34f0589de49de7964aaf7c83d8c79f53daccdec7613e8afd85d89e2N[.]exe

General

Target

dc7f7ab4d34f0589de49de7964aaf7c83d8c79f53daccdec7613e8afd85d89e2N.exe
Size

109KB
MD5

519d8da70b6fb026471ccac67c9f2240
SHA1

cb529f7ff7013fd139ac0ee230d01a395bb3511a
SHA256

dc7f7ab4d34f0589de49de7964aaf7c83d8c79f53daccdec7613e8afd85d89e2
SHA512

8a66dd30d65af0e6412a923d2559c5c6c5abbb10456854810ccec348dbb80b0fbd7dbd00907bd296fc71029ebd8f358d2b076d0650bc1a7af9837afce3dc1e7b
SSDEEP

3072:byLIALaZaLAV2lQBV+UdE+rECWp7hKJri:bgIAcasBV+UdvrEFp7hKJri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc7f7ab4d34f0589de49de7964aaf7c83d8c79f53daccdec7613e8afd85d89e2N.exe

Files

dc7f7ab4d34f0589de49de7964aaf7c83d8c79f53daccdec7613e8afd85d89e2N.exe
.dll regsvr32 windows:5 windows x86 arch:x86

55b453dc75174df6c51e5aa5564295e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\cbs\build\115526~2\in\a3d\objfre_wnet_x86\i386\A3D.pdb

Imports

ntdll

RtlUnwind

kernel32

GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
InterlockedDecrement
WriteFile
Sleep
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
LoadLibraryA
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
InterlockedIncrement
lstrcpyA
lstrcatA
lstrlenA
GetLastError
GetEnvironmentStringsW

user32

wsprintfA

advapi32

RegSetValueExA
RegCloseKey
GetUserNameA
RegDeleteKeyA
RegCreateKeyExA

ole32

StringFromGUID2
CoCreateInstance

dsound

ord1

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
_A3dCreate@12

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55b453dc75174df6c51e5aa5564295e9

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

user32

advapi32

ole32

dsound

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 744B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 744B

.reloc
Size: 2KB - Virtual size: 1KB