943e2c2bdefb076c3254577dcd0a27031e6ef89a031cc5c5fa392e64057638d5N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

943e2c2bdefb076c3254577dcd0a27031e6ef89a031cc5c5fa392e64057638d5N.exe
Size

356KB
MD5

efc6f5710d259d52985d7123bd2a3520
SHA1

dd5ca17eb95b98d2dfac84ed419f6e9e6bd91956
SHA256

943e2c2bdefb076c3254577dcd0a27031e6ef89a031cc5c5fa392e64057638d5
SHA512

8c76e10040a844f3afd38ca606df7067759bdedcf2f9fd6f61de6e5b86312ed9189bc3b4254f7577e47974c4a6cad02e7ce0be4296e22337d22fca0b4896a0ce
SSDEEP

6144:ZWy71bY6Jb6Cgid1xEWvNMcAO8guQ40G7HEgXUq7KWFQHBV+UdvrEFp7hKQ:Zv7LzxOO8gXGLEgEqnQHBjvrEH7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
943e2c2bdefb076c3254577dcd0a27031e6ef89a031cc5c5fa392e64057638d5N.exe

Files

943e2c2bdefb076c3254577dcd0a27031e6ef89a031cc5c5fa392e64057638d5N.exe
.dll windows:4 windows x86 arch:x86

9b25a03e95f3e7ad94e827d1d9c1eac4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
FileTimeToDosDateTime
FileTimeToLocalFileTime
CloseHandle
GetFileInformationByHandle
CreateFileA
CompareFileTime
GetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileAttributesA
SetFileTime
GetFileSize
CreateDirectoryA
FindClose
FindFirstFileA
RemoveDirectoryA
DeleteFileA
lstrcmpA
FindNextFileA
GetProcAddress
SetUnhandledExceptionFilter
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetFileType
GetLastError
ReadFile
WriteFile
SetFilePointer
GetCommandLineA
GetVersion
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetFileAttributesA
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetEnvironmentVariableA
GetLocaleInfoW
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
FlushFileBuffers
GetACP
GetOEMCP
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
LoadLibraryA

user32

wsprintfA

Exports

Exports

Extract
Extract_CRC
UnPack
UnPackFolder
UnPackFolder_CRC
UnPack_CRC

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b25a03e95f3e7ad94e827d1d9c1eac4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 214KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 12KB - Virtual size: 95KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 12KB - Virtual size: 95KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 12KB