1180b0c41b2c32e770ae110ca2668a8e4f6e961cc25abac36989eb4cf750bc00N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1180b0c41b2c32e770ae110ca2668a8e4f6e961cc25abac36989eb4cf750bc00N.exe
Size

219KB
MD5

4f7ba95b7c8b74d0d1b62314192c5f90
SHA1

076667f044a302714a0b9bbe87c96a2db02ece7b
SHA256

1180b0c41b2c32e770ae110ca2668a8e4f6e961cc25abac36989eb4cf750bc00
SHA512

6f26213119178a2a5962ffa30c18a2cb23a5ae073da9df404a253a58c41b88e4fe6a6fbb0091efb34d04bffb6c99b413e16dfc7d9cbca8b5b1a17bc282f8564b
SSDEEP

3072:hrHIQm9TOcx4AGPmQ2OvWRNqxDJMIeALuIcY3bCl2OVdRUXqHy5kVw+HM:ZHUMPOyJveAao3afQ2VxHM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1180b0c41b2c32e770ae110ca2668a8e4f6e961cc25abac36989eb4cf750bc00N.exe

Files

1180b0c41b2c32e770ae110ca2668a8e4f6e961cc25abac36989eb4cf750bc00N.exe
.exe windows:5 windows x86 arch:x86

22af25ade079dc53a69f7ebb2b0d578a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
SetDefaultCommConfigA
CreateMutexW
SetPriorityClass
SetFilePointer
lstrlenA
WritePrivateProfileStructA
_llseek
BuildCommDCBAndTimeoutsA
CallNamedPipeA
WriteTapemark
SetEnvironmentVariableW
CreateJobObjectW
GetNamedPipeHandleStateA
SetComputerNameW
OpenSemaphoreA
FreeEnvironmentStringsA
SetTapeParameters
GetProcessPriorityBoost
WriteFile
ActivateActCtx
LoadLibraryW
TerminateThread
Sleep
GetPrivateProfileStructW
SetSystemTimeAdjustment
GetConsoleWindow
DeleteVolumeMountPointW
GetBinaryTypeA
SetSystemPowerState
IsDBCSLeadByte
GetOverlappedResult
GetACP
DosDateTimeToFileTime
FindNextVolumeMountPointW
SetThreadPriority
RaiseException
DeactivateActCtx
InterlockedExchange
GetCurrentDirectoryW
GetProcAddress
GetTapeStatus
BeginUpdateResourceW
CopyFileA
GetConsoleDisplayMode
EnterCriticalSection
LoadLibraryA
LocalAlloc
BuildCommDCBAndTimeoutsW
IsSystemResumeAutomatic
SetConsoleDisplayMode
AddAtomW
SetCurrentDirectoryW
SetFileApisToANSI
PostQueuedCompletionStatus
GetTapeParameters
WaitForMultipleObjects
CreateIoCompletionPort
GetCommTimeouts
EnumResourceNamesA
EnumDateFormatsW
_lopen
GetVersionExA
LocalSize
CopyFileExA
lstrcpyA
lstrlenW
FileTimeToDosDateTime
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetLastError
MoveFileA
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
GetModuleHandleA

advapi32

ClearEventLogW

winhttp

WinHttpCloseHandle

Exports

Exports

_enough@4
_futurama@4
_hellgate@4
_hiduk@8
_husaberg@4
_lifan@8

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jot
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.muneme
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22af25ade079dc53a69f7ebb2b0d578a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winhttp

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 39.4MB

.jot Size: 1024B - Virtual size: 4KB

.muneme Size: 512B - Virtual size: 74B

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 39.4MB

.jot
Size: 1024B - Virtual size: 4KB

.muneme
Size: 512B - Virtual size: 74B

.rsrc
Size: 41KB - Virtual size: 41KB