3e066c8b166096cab6beceff9919a42bd98f46fa4d6efcb3b497067e792b2567N[.]exe

General

Target

3e066c8b166096cab6beceff9919a42bd98f46fa4d6efcb3b497067e792b2567N.exe
Size

263KB
MD5

5ae42d334a6a5e01298a28be83a18370
SHA1

5dc8ac78b63366f98c9b6cabae585b96674aaacd
SHA256

3e066c8b166096cab6beceff9919a42bd98f46fa4d6efcb3b497067e792b2567
SHA512

f575eeef20e9a09de5224522604f00d72c1e79f4f70a8fb934a0b864be0d09321915a216135ad7e233c03687970b20a9f5086557be3413e63549ac696ff3a3fd
SSDEEP

6144:z44qB4hPmyzQ8AEvobJv4c/DWHXUnzabFerCJBhuE21:U4+yylf/DW3UMBh32

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e066c8b166096cab6beceff9919a42bd98f46fa4d6efcb3b497067e792b2567N.exe

Files

3e066c8b166096cab6beceff9919a42bd98f46fa4d6efcb3b497067e792b2567N.exe
.exe windows:5 windows x86 arch:x86

0d72904ccf66b6063fd117ccb8c03bc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
CreateSemaphoreW
CreateFileMappingW
GetTempFileNameA
LoadLibraryA
CreateMailslotA
GetComputerNameExW
GetProcAddress
lstrlenW
FormatMessageA
WaitForSingleObjectEx
GetVersionExW
GetCurrentDirectoryA
GetAtomNameW
AddAtomA
LocalFileTimeToFileTime
GetBinaryTypeA
CreateFileW
FindFirstFileA
ResetEvent
CreateMutexA
GetConsoleTitleW
LoadLibraryExA
GetCommandLineW

msimg32

TransparentBlt
AlphaBlend

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Init_Detection
CM_Add_Range
CMP_Report_LogOn
CM_Add_IDA

crypt32

CryptFormatObject
CryptFindOIDInfo
CertOIDToAlgId
CryptMsgControl
CryptMsgGetParam
CertCreateContext
CertFindAttribute
CertOpenStore
CertSaveStore
CertNameToStrA
CryptProtectData

azroles

AzGetProperty
AzCloseHandle

Sections

.text
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d72904ccf66b6063fd117ccb8c03bc8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msimg32

cfgmgr32

crypt32

azroles

Sections

.text Size: 246KB - Virtual size: 245KB

.adata Size: - Virtual size: 256B

.data Size: 10KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 246KB - Virtual size: 245KB

.adata
Size: - Virtual size: 256B

.data
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB