immunity[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

immunity.exe
Size

7.6MB
MD5

7b1b70f6c752e2a0dc06ad718aac11ee
SHA1

39324b1868ec24cb810e7f30157dd187cb5fdcc6
SHA256

d9760a570adf7275df1dbcf073960b56531dd524c06c5db0855e39e08365db88
SHA512

13fc66f182c696f4e7d61e79520c04487c7f970fff44a3efd1958bce2a57a6e6561d0d8aee7fb2c8936ceecb2644159b0a1e9270c5efc23d7d4eeec47d528f58
SSDEEP

196608:Iu045rdpsZCyjA2Ab/N9Uxy23ciDUP/tXEDkJ:IkdAU2A7NqjMiwP/tX

Score

1^/10

Malware Config

Signatures

Files

immunity.exe
.exe windows x64

c66c8c21c3f6de2a7239366b4060d4b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteProcessMemory
GetSystemTimeAsFileTime
LocalAlloc
GetModuleFileNameW
LocalFree
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

OpenClipboard
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

shell32

SHGetPathFromIDListA

ole32

CoInitialize

oleaut32

SysAllocString

imm32

ImmSetCompositionWindow

d3d9

Direct3DCreate9

wininet

HttpSendRequestA

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wxQ0
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wxQ1
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c66c8c21c3f6de2a7239366b4060d4b8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

imm32

d3d9

wininet

wtsapi32

Sections

.text Size: - Virtual size: 643KB

.rdata Size: - Virtual size: 163KB

.data Size: - Virtual size: 31KB

.pdata Size: - Virtual size: 25KB

_RDATA Size: - Virtual size: 148B

.wxQ0 Size: - Virtual size: 5.1MB

.wxQ1 Size: 7.5MB - Virtual size: 7.5MB

.reloc Size: 512B - Virtual size: 208B

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: - Virtual size: 643KB

.rdata
Size: - Virtual size: 163KB

.data
Size: - Virtual size: 31KB

.pdata
Size: - Virtual size: 25KB

_RDATA
Size: - Virtual size: 148B

.wxQ0
Size: - Virtual size: 5.1MB

.wxQ1
Size: 7.5MB - Virtual size: 7.5MB

.reloc
Size: 512B - Virtual size: 208B

.rsrc
Size: 108KB - Virtual size: 107KB