ixfgtray[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ixfgtray.exe
Size

382KB
MD5

10ed410eb0c4a8edf4a2e7b75e043d7a
SHA1

7234832461df041f135101c3e09e8866e328d2c1
SHA256

6ca8be221bbec7da46ec7609baf4e5c1b1d65e6b3e41d0c305f21a7089db98d6
SHA512

eb2c4c9b11cfbf1e0e2a511b0a9ea90b4fdf209ad4fa7c088c80b23c6701fd476d48a6fee6bfe7ab743027770dc5d00276e846396e7f62f5f904d740cae5b573
SSDEEP

6144:R+9QxcOGLpbfIQxbsbPqocJH07uA4wH/+CO1t4/q:R+9QpGLNfIc25cJH07uA4wHBOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ixfgtray.exe

Files

ixfgtray.exe
.exe windows x86

e47b6a57642f031da7874a192926e35b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateDirectoryA
SetFileAttributesA
SetEnvironmentVariableA
CreateFileW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
WideCharToMultiByte
GetLocaleInfoEx
MultiByteToWideChar
GetStringTypeW
GetCommandLineA
GetSystemTimeAsFileTime
ReadFile
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetModuleFileNameW
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
RaiseException
RtlUnwind
HeapValidate
GetSystemInfo
GetCPInfo
SetLastError
GetCurrentThreadId
GetStdHandle
WriteFile
GetProcessHeap
GetFileType
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
CloseHandle
SetFilePointer
SetFilePointerEx
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
LoadLibraryW
OutputDebugStringA
WriteConsoleW
FlushFileBuffers
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapAlloc
CompareStringEx
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
EnumSystemLocalesEx
SetEndOfFile

wininet

InternetReadFile
HttpSendRequestW
HttpOpenRequestA
InternetConnectA
InternetOpenW
InternetCloseHandle

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47b6a57642f031da7874a192926e35b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 248KB - Virtual size: 248KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 7KB - Virtual size: 15KB

.reloc Size: 58KB - Virtual size: 57KB

.text
Size: 248KB - Virtual size: 248KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 7KB - Virtual size: 15KB

.reloc
Size: 58KB - Virtual size: 57KB