f54a41145b732d47d4a2b0a1c6e811ddcba48558[.]exe

Resubmissions

27-03-2023 11:22

230327-ngrd2adc33 7

27-03-2023 10:06

230327-l455laeh8s 1

23-03-2023 15:46

230323-s7rjyagf63 1

Sharing

Copy URL

Twitter E-mail

General

Target

f54a41145b732d47d4a2b0a1c6e811ddcba48558.exe
Size

502KB
MD5

0118319ac0ffa2b074fe4e7ce2b3c0cb
SHA1

f54a41145b732d47d4a2b0a1c6e811ddcba48558
SHA256

9a9b94e04c97df3b3df7ef20da36b11bf782a2b20db806c227612c44124d6bb3
SHA512

585ac4860fb35ccad737a9ec1f6b51efc2a4ac749cab4f905311ba49b4be42ce1ab85b282b226c3e51188fbd611f32e0205f73f3da5ff80df6f8da32e519e4f0
SSDEEP

12288:BGW89Rlv7AVUPPc51erzJYzGDJ2p+Ia2ZOoM2P:BZShwUPPcqr1fD8xZnP

Score

1^/10

Malware Config

Signatures

Files

f54a41145b732d47d4a2b0a1c6e811ddcba48558.exe
.exe windows x64

1e9b98fe56584aa1a9facc45399a3951

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetLastError
GetModuleFileNameW
DeleteFileW
WideCharToMultiByte
HeapAlloc
HeapFree
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
CloseHandle
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
Sleep
LoadLibraryA
InitializeCriticalSection
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapReAlloc
HeapSize
SetEndOfFile
ReadFile
CreateFileA

advapi32

CryptDestroyKey
CryptImportKey
CryptReleaseContext
CryptSetKeyParam
CryptAcquireContextW
CryptDecrypt

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 421KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

1e9b98fe56584aa1a9facc45399a3951

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 421KB - Virtual size: 429KB

.pdata Size: 4KB - Virtual size: 3KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 421KB - Virtual size: 429KB

.pdata
Size: 4KB - Virtual size: 3KB