DiverseClient-1[.]0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DiverseClient-1.0.exe
Size

1009KB
MD5

3d15500d45493ae22f2538b15b2a62e5
SHA1

2fec3316305b44fe9ae7732baef6654159a74028
SHA256

bd3baf3633c9190d5a52265d87ba40a21263beab643dd7c477ccb12110497ba0
SHA512

27668615c2b2c3a81a570baeb8eae15b09b9951c9036768f05d3d1cc258f499d72256b8d205e92e5403f0f3312f3bdbf75b1a934657ce40b166738786a573f4f
SSDEEP

24576:NXT03skSIqPLz/P3YMdDpsoBdyRDNGrm9Qp1E46GTJv8Sdr7/:NXT031BY7d9awm+SGdUw

Score

1^/10

Malware Config

Signatures

Files

DiverseClient-1.0.exe
.exe windows x64

3e67b41f4e01e24ed9c704b2c34f25e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dwmapi

DwmExtendFrameIntoClientArea

kernel32

GetSystemDirectoryA
GetModuleHandleA

user32

DispatchMessageA
CharLowerW

gdi32

GetStockObject

advapi32

ConvertSidToStringSidA
RegOpenKeyExA

msvcp140

?always_noconv@codecvt_base@std@@QEBA_NXZ

imm32

ImmReleaseContext

d3d9

Direct3DCreate9Ex

ntdll

RtlInitUnicodeString

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcmp

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe

api-ms-win-crt-heap-l1-1-0

_aligned_malloc

api-ms-win-crt-string-l1-1-0

isprint

api-ms-win-crt-stdio-l1-1-0

_read

api-ms-win-crt-convert-l1-1-0

wcstombs_s

api-ms-win-crt-utility-l1-1-0

srand

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-filesystem-l1-1-0

_stat64

api-ms-win-crt-math-l1-1-0

cosf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

normaliz

IdnToAscii

ws2_32

setsockopt

wldap32

ord46

crypt32

CertFreeCertificateContext

shell32

SHGetDiskFreeSpaceA

Sections

.pexe
Size: - Virtual size: 819KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e67b41f4e01e24ed9c704b2c34f25e7

Headers

DLL Characteristics

File Characteristics

Imports

dwmapi

kernel32

user32

gdi32

advapi32

msvcp140

imm32

d3d9

ntdll

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

normaliz

ws2_32

wldap32

crypt32

shell32

Sections

.pexe Size: - Virtual size: 819KB

.rdata Size: - Virtual size: 351KB

.text Size: - Virtual size: 23KB

.rsrc Size: 23KB - Virtual size: 22KB

.pdata Size: 105KB - Virtual size: 105KB

.pexe
Size: - Virtual size: 819KB

.rdata
Size: - Virtual size: 351KB

.text
Size: - Virtual size: 23KB

.rsrc
Size: 23KB - Virtual size: 22KB

.pdata
Size: 105KB - Virtual size: 105KB