65e977deba7a8c40d676992406dfdb9ac061ff40b7cff9e5e779bd73f28664b7

Sharing

Copy URL Twitter E-mail

General

Target

65e977deba7a8c40d676992406dfdb9ac061ff40b7cff9e5e779bd73f28664b7
Size

5.9MB
MD5

f28ff8e5cd2eaa152c49633c036ae69b
SHA1

4d5d57d0eac89745549bf6aefbdf7bb53e09fed0
SHA256

65e977deba7a8c40d676992406dfdb9ac061ff40b7cff9e5e779bd73f28664b7
SHA512

af64fc3939bfe0fca998b8ac0dec7a33cfc24bece78f326def8d1a4fa4d1d8e3d650605263f4f8d20cf5b322364361547947b695778c1ca56493ad7b37dc80d3
SSDEEP

98304:1NUMTq5uEYDjJBmHn3G0QyNyO4wYHMvCR2IDl+zuM4ueFJwMf+3J3UiuhD3iY:nTTdKWWRYHMysaMfeFJeuPhTiY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65e977deba7a8c40d676992406dfdb9ac061ff40b7cff9e5e779bd73f28664b7

Files

65e977deba7a8c40d676992406dfdb9ac061ff40b7cff9e5e779bd73f28664b7
.exe windows x64

25b993df4fdc58bf8d760023e7d27631

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

WSACleanup

version

GetFileVersionInfoW

winmm

timeGetTime

comctl32

ImageList_ReplaceIcon

mpr

WNetUseConnectionW

wininet

InternetQueryDataAvailable

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile

userenv

DestroyEnvironmentBlock

uxtheme

IsThemeActive

kernel32

WaitForSingleObject

user32

RegisterHotKey

gdi32

StrokePath

comdlg32

GetOpenFileNameW

advapi32

GetAce

shell32

DragQueryPoint

ole32

CoTaskMemAlloc

oleaut32

UnRegisterTypeLi

msvcrt

_wcsnicmp

Sections

.text
Size: 4.0MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25b993df4fdc58bf8d760023e7d27631

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

version

winmm

comctl32

mpr

wininet

psapi

iphlpapi

userenv

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcrt

Sections

.text Size: 4.0MB - Virtual size: 4.1MB

.sedata Size: 1.8MB - Virtual size: 1.8MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 69KB - Virtual size: 72KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 4.0MB - Virtual size: 4.1MB

.sedata
Size: 1.8MB - Virtual size: 1.8MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 69KB - Virtual size: 72KB

.sedata
Size: 4KB - Virtual size: 4KB