478ba184dfed3aexeexeexeex[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

478ba184dfed3aexeexeexeex.exe
Size

143KB
MD5

478ba184dfed3a28bcc4607b2dd10e05
SHA1

3e54bc4d0cd560780aa0b24c412ae5167b02d5cd
SHA256

18b1fcc0d07ad1b2de59b8585af39b2a0e8d203ec9d6c178d2985a14fe69bf34
SHA512

71c0c6d0cf341daabe64b991290f8b2ea48aa0b88cafc3679a01a8c760d5edebeecd00350f3f65406a79f555e146dd902866ac7dda4d27a60886041b419e014d
SSDEEP

3072:kHYWzJ+3E0ZhUrQWQXLcln5+JgiM0RgUFNT5:ydzkdUJQbc15ioxUFNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
478ba184dfed3aexeexeexeex.exe

Files

478ba184dfed3aexeexeexeex.exe
.exe windows x86

79a6d0a2f3147943a651e965147d60ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wlanapi

WlanOpenHandle
WlanCloseHandle
WlanEnumInterfaces
WlanSetProfile
WlanFreeMemory

kernel32

SetUnhandledExceptionFilter
LoadLibraryW
SetStdHandle
WriteConsoleW
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetCurrentThreadId
SetEvent
GetVersion
CreateEventW
ResetEvent
CloseHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
SetFilePointer
ReadFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
GetCommandLineW
HeapSetInformation
LCMapStringW
MultiByteToWideChar
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateFileW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapSize
GetModuleFileNameW
GetLocaleInfoW
FreeEnvironmentStringsW

user32

PostThreadMessageW

ole32

CoCreateInstance
CoReleaseServerProcess
CoUninitialize
CoInitializeEx
CoWaitForMultipleHandles
StringFromGUID2
PropVariantClear
CoAddRefServerProcess

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fgjpyes
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79a6d0a2f3147943a651e965147d60ee

Headers

DLL Characteristics

File Characteristics

Imports

wlanapi

kernel32

user32

ole32

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 448B

.reloc Size: 35KB - Virtual size: 36KB

fgjpyes Size: - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 448B

.reloc
Size: 35KB - Virtual size: 36KB

fgjpyes
Size: - Virtual size: 4KB