iXFS[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

iXFS.exe
Size

148KB
MD5

f2f97115234d63784b17ea5601b67b6b
SHA1

f519f01d7d2eb6d976ff3dfafd2356cd4d3dbaee
SHA256

93067d2f42e0f3ee859e2518cb6e55215871593b9924ad8e4e4ec712a7f59e3a
SHA512

5477d6db9448b7539a9d1ab145c8f7ff629883387072b151f7014f6faafbfc6ed6e79047e365f0086a2070bfa6d5ab54d8efd27e65bf3f1dbe9854622899adce
SSDEEP

3072:wEbwIFczTunswSUScqVdT37hd9dNYUE9TBfbZDU:ndT5SiCdT3fPNYUE9TBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
iXFS.exe

Files

iXFS.exe
.exe windows x86

e0992e37f24ee07f2344c8c7e6be2fdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCurrentDirectoryA
CompareStringW
CompareStringA
HeapSize
SetEndOfFile
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
CreateThread
GetCPInfo
GetOEMCP
GetLastError
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetTempPathA
SetFilePointer
ReadFile
DeleteFileA
MoveFileA
CreateDirectoryA
WriteFile
SetStdHandle
CreateFileA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
CloseHandle
GetFileSize
GetACP
ExitProcess
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
HeapAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

GetParent
MessageBoxA
GetSysColor
LoadMenuA
LoadIconA
SetWindowLongA
GetCursorPos
GetSubMenu
TrackPopupMenu
MessageBeep
SendMessageA
DialogBoxParamA
GetWindowTextA
BeginPaint
FillRect
CallWindowProcA
IntersectRect
EndPaint
EndDialog
SetWindowTextA
GetClientRect
EnableWindow
GetDlgItem

gdi32

DeleteObject
GetClipBox
SelectObject
GetTextExtentPoint32A
SetBkMode
SetTextColor
TextOutA
CreateBrushIndirect

comdlg32

GetFileTitleA
GetOpenFileNameA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ord6

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0992e37f24ee07f2344c8c7e6be2fdf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

comctl32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 526KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 526KB

.rsrc
Size: 36KB - Virtual size: 33KB