Static task
static1
Behavioral task
behavioral1
Sample
d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331.exe
Resource
win10v2004-20230220-en
General
Target
d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331.exe
Size
539KB
MD5
c273cdfcfd808efa49ec0ed4f1c976e0
SHA1
d29208c4ad04330e2676f1a65357c5e15252ab8e
SHA256
d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331
SHA512
8ae08c93d66441ef1d85975fedb29c154b4ffd52167de656f011db22a427034f2b37b7ef04e6a63fae5dca38245972fc0b03f7001565af16fd80161b6c1df285
SSDEEP
12288:NZpWRlLEq3vWcm9jmslPiKxK1lWoVf6pkqY4+1IKIPeo0p0hp8qncjA6/Auhys4B:NnfU1v4teomiuA6y2TE9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331.exe
Files
d2a0e6e5bdd66332fca965dad6126c1d6ef956e3782c431f1f41e99f45926331.exe.exe windows x86
2a44c3000fd59a726b4a9e5477fb2f10
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
HeapAlloc
GetLogicalDriveStringsA
GlobalFree
DeleteCriticalSection
GetProcessHeap
HeapReAlloc
GlobalAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
GetCommandLineW
DecodePointer
HeapFree
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
ReadConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileSizeEx
GetStdHandle
GetModuleHandleExW
CreateFileW
GetFileAttributesW
GetTempPathW
CloseHandle
GetFileInformationByHandle
GetFileType
GetFullPathNameW
ReadFile
WriteFile
PeekNamedPipe
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
LocalFree
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
SetLastError
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
SetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
GetCurrentThread
GetThreadTimes
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetStdHandle
ExitProcess
shell32
CommandLineToArgvW
wininet
InternetCloseHandle
InternetOpenA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA
InternetSetOptionW
InternetReadFile
mpr
WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA
bcrypt
BCryptHashData
BCryptCreateHash
BCryptDeriveKeyPBKDF2
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptEncrypt
BCryptDestroyKey
BCryptFinishHash
advapi32
CryptAcquireContextA
CryptGenRandom
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
Sections
.text Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 125KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ