842737b5c36f624c9420a005239b04876990a2c4011db87fe67504fa09281031[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

842737b5c36f624c9420a005239b04876990a2c4011db87fe67504fa09281031.exe
Size

1.1MB
MD5

df5ce1159ef2e257df92e1825d786d87
SHA1

a7e163eaa0fc2afb9c0d5ac6f79cb3e49919dd3c
SHA256

842737b5c36f624c9420a005239b04876990a2c4011db87fe67504fa09281031
SHA512

4e08bc2ab8602356a025fc293ad997c893adf5a4dcaaef304b0e5110da8f8f489af49286b1a90209244bbb1114fb974dae8f63eb26e7a1fe275a9a5b99834fab
SSDEEP

24576:LOTX2KCv3hoGjmxMO55Hl+rcTopkXcLF6iZi/ZfD3OhkMwn0tB1d5Cxzjzq:Zv3hXjAHlIcToTLM+hZw0tB1d5Cxzjzq

Score

1^/10

Malware Config

Signatures

Files

842737b5c36f624c9420a005239b04876990a2c4011db87fe67504fa09281031.exe
.exe windows x86

bca5675746d13a1f246e2da3c2217492

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertNameToStrA
CertFreeCertificateContext
CryptDecodeObjectEx

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

advapi32

ConvertStringSidToSidA
ConvertSecurityDescriptorToStringSecurityDescriptorA
LsaLookupSids
ConvertSidToStringSidA
ConvertStringSidToSidW
GetSecurityDescriptorOwner
GetSecurityDescriptorLength
LsaOpenPolicy
GetLengthSid
IsValidSecurityDescriptor
LookupAccountSidA
IsValidSid

wldap32

ord309
ord215
ord139
ord132
ord12
ord178
ord77
ord141
ord207
ord96
ord146
ord223
ord310
ord41
ord218
ord135
ord72
ord304
ord191
ord14
ord147
ord166
ord79
ord36
ord27
ord121
ord13
ord54
ord55
ord205
ord26
ord117
ord119
ord126
ord301
ord93
ord196

ws2_32

ntohs

kernel32

WriteConsoleW
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetProcessHeap
SetFilePointerEx
ReadFile
SetConsoleMode
ReadConsoleInputA
ReadConsoleW
CreateFileW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
GetCommandLineW
GetCommandLineA
WriteFile
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
GetModuleFileNameA
GetFileAttributesExA
GetStdHandle
MultiByteToWideChar
FormatMessageW
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFree
SystemTimeToFileTime
WideCharToMultiByte
GetFileType
CreateDirectoryA
GetSystemTime
GetTickCount
RaiseException
SetEndOfFile
RtlUnwind
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead

ole32

StringFromGUID2
CLSIDFromString

Sections

.text
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bca5675746d13a1f246e2da3c2217492

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

version

advapi32

wldap32

ws2_32

kernel32

ole32

Sections

.text Size: 793KB - Virtual size: 793KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 4KB - Virtual size: 1.0MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 46KB - Virtual size: 46KB

.text
Size: 793KB - Virtual size: 793KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 4KB - Virtual size: 1.0MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 46KB - Virtual size: 46KB