b045358154f9358338c7055516982872ed6017b58ec396e0cc3344a843838709N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b045358154f9358338c7055516982872ed6017b58ec396e0cc3344a843838709N.exe
Size

640KB
MD5

7af5475085c991c01f9530134b5cec70
SHA1

3ad78b2805a69a5c3528a0213848e57b984eb759
SHA256

b045358154f9358338c7055516982872ed6017b58ec396e0cc3344a843838709
SHA512

ac8c8cf34ab6de910962b935bc1132467c3824ab5d7690ff2b51e9f2e7e28d0e42517bd74b8af6dedce59869a56c8daa9676e6ef06971db5c60f01a3235960f8
SSDEEP

12288:72f+zZvZ5kjAcUFc2yV7zIFDIyWOy6ba3yd4QCZUv5YYYkx:7ROQa3e4JZ8Yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b045358154f9358338c7055516982872ed6017b58ec396e0cc3344a843838709N.exe

Files

b045358154f9358338c7055516982872ed6017b58ec396e0cc3344a843838709N.exe
.exe windows:4 windows x86 arch:x86

dab014811e2f98a21c6619a151545464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreateServiceA
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
RegOpenKeyExA

kernel32

GetCommandLineA
GetVersionExA
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
SetStdHandle
QueryPerformanceCounter
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CloseHandle
ExitThread
CreateThread
GetExitCodeProcess
CompareStringW
CompareStringA
OpenProcess
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
RaiseException
GetTimeZoneInformation
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateFileA
ReadFile
GetCurrentDirectoryA
GetDriveTypeA
GetDateFormatA
GetTimeFormatA
DeleteFileA
ReleaseSemaphore
OpenSemaphoreA
CreateSemaphoreA
IsBadReadPtr
CreateEventA
TerminateProcess
GetModuleHandleA
GetProcAddress
ExitProcess
GetFullPathNameA
GetFileAttributesA
GetModuleFileNameA
GetTickCount
FormatMessageA
GetLocalTime
CreateMutexA
LocalFree
WaitForSingleObject
ReleaseMutex
Sleep
CreateProcessA
QueryPerformanceFrequency

iphlpapi

GetAdaptersInfo
GetIfEntry

ws2_32

getsockname
ntohs
getsockopt
closesocket
send
ioctlsocket
recv
setsockopt
connect
WSAGetLastError
socket
htonl
inet_addr
htons
bind
listen
WSAStartup
gethostname
gethostbyname
inet_ntoa
select
__WSAFDIsSet
accept

winmm

timeSetEvent
timeGetDevCaps
timeKillEvent

Sections

.text
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dab014811e2f98a21c6619a151545464

Headers

File Characteristics

Imports

advapi32

kernel32

iphlpapi

ws2_32

winmm

Sections

.text Size: 384KB - Virtual size: 383KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 160KB - Virtual size: 537KB

.rsrc Size: 4KB - Virtual size: 1016B

.rmnet Size: 56KB - Virtual size: 56KB

.text
Size: 384KB - Virtual size: 383KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 160KB - Virtual size: 537KB

.rsrc
Size: 4KB - Virtual size: 1016B

.rmnet
Size: 56KB - Virtual size: 56KB