71dff14ffdc3e09c404c2a55e84430ff[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

71dff14ffdc3e09c404c2a55e84430ff.exe
Size

266KB
MD5

71dff14ffdc3e09c404c2a55e84430ff
SHA1

bd4f363cfa68f9988c38c4c5bb08935081486ec0
SHA256

a77732ddffe3379c1637253174c4ee2f4b6b3f619efcee3bc2e9da2f39608bd2
SHA512

e15f76b7fb10cdd29f95c64162ec76b549c6a17e6b5cc821f51f28470b71ed735c5fc29303db9e4a0dc9dec66a0d84bb7de2ac06674747f99febaedfad4a9169
SSDEEP

3072:4wvy57PHN2Zl7uToLz8UxzD80+djrEnHWGYaaSKDrj206FqvPuMS2L5YW5uub:WPHN2PqToLAa80yXm2GzPGu06cvPuMu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71dff14ffdc3e09c404c2a55e84430ff.exe

Files

71dff14ffdc3e09c404c2a55e84430ff.exe
.exe windows x86

56d10481189f6a27053ef040fb6b42af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
FindResourceExW
WriteConsoleOutputW
_lwrite
ReadConsoleA
InterlockedDecrement
WaitForSingleObject
AddConsoleAliasW
CreateHardLinkA
GetProcessPriorityBoost
GetTickCount
GetConsoleAliasesA
CreateRemoteThread
GetConsoleAliasExesW
GlobalAlloc
LoadLibraryW
_hread
FormatMessageW
FindNextVolumeW
WriteConsoleW
ReadFile
GetModuleFileNameW
CreateActCtxA
GetACP
GetLocaleInfoA
GetLogicalDriveStringsA
GetLastError
ReadConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
LocalLock
IsValidCodePage
CreateMemoryResourceNotification
LoadLibraryA
GlobalHandle
VirtualProtect
GetCurrentDirectoryA
GetVersionExA
FindAtomW
FileTimeToLocalFileTime
GetCurrentProcessId
AddConsoleAliasA
OpenFileMappingA
GetConsoleOutputCP
WriteConsoleA
SetCurrentDirectoryA
CreateTimerQueue
InterlockedIncrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
MultiByteToWideChar
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
GetOEMCP
WriteFile
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
CloseHandle
CreateFileA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap

user32

LoadMenuW
GetCaretPos
CharUpperBuffA

advapi32

MapGenericMask

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56d10481189f6a27053ef040fb6b42af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 221KB - Virtual size: 221KB

.data Size: 6KB - Virtual size: 2.7MB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 221KB - Virtual size: 221KB

.data
Size: 6KB - Virtual size: 2.7MB

.rsrc
Size: 38KB - Virtual size: 37KB