6335347336[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6335347336.exe
Size

10.1MB
MD5

ba4cea297373facb64aaf44f5c062c08
SHA1

662b5b70d1d21ee14aa3ee0f184e9ad2ad05034a
SHA256

9c78112a61d5d59c8773f0406104d83c552c8eff82cea775815345e11066d648
SHA512

c7123f6cb00f6907cea6da7a7e208e00954cd8d3fdbc26be182af2ec2a5694433b339aa0678493139c0f9f26e0b1e58c7431ae72786ebbdc9aa184e28c914851
SSDEEP

49152:K9htPkt2gXdtwvfq9z3OLKkuAsuRt+3ipOhrADOhMXL6Yi:KnVW2gXdXO2kuAbRy96GL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6335347336.exe

Files

6335347336.exe
.exe windows:6 windows x64

Password: 1nf47(ubR--

5f36d255575bd16060ed219d9fd2dbcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapFree
HeapReAlloc
CloseHandle
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
LoadLibraryA
GetProcAddress
CreateDirectoryW
GetCurrentProcess
GetUserDefaultUILanguage
GetTimeZoneInformation
LoadLibraryW
SetCurrentDirectoryW
GetModuleHandleW
CopyFileW
QueryFullProcessImageNameW
GetComputerNameA
ReadConsoleW
HeapCreate
TryEnterCriticalSection
ReadFile
AreFileApisANSI
DeleteFileW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetCurrentThread
SetFilePointerEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
GetCurrentDirectoryW
ExitThread
CreateThread
SetStdHandle
RtlUnwind
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
InterlockedPushEntrySList
RtlPcToFileHeader
RtlUnwindEx
GetFileSizeEx
VerifyVersionInfoW
VerSetConditionMask
SleepEx
WaitForMultipleObjects
PeekNamedPipe
GetFileType
GetStdHandle
GetEnvironmentVariableA
MoveFileExA
SetLastError
GetModuleHandleA
GetSystemDirectoryA
QueryPerformanceFrequency
RaiseException
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
InitializeCriticalSectionEx
EncodePointer
DecodePointer
GetLocaleInfoEx
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InitializeSListHead
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive

gdi32

ChoosePixelFormat
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat

winmm

midiOutOpen
midiInStart
midiInUnprepareHeader
waveOutPause
midiOutLongMsg
midiOutGetDevCapsW
midiInReset
waveOutClose
midiInClose
waveOutReset
midiInGetDevCapsW
midiInPrepareHeader
waveOutRestart
waveOutOpen
waveOutGetNumDevs
waveOutPrepareHeader
waveOutUnprepareHeader
midiInAddBuffer
midiInGetNumDevs
midiOutClose
midiOutGetNumDevs
waveOutWrite
midiInOpen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msdelta

GetDeltaInfoB
ApplyDeltaW
CreateDeltaW
CreateDeltaA
ApplyDeltaA
GetDeltaInfoA
GetDeltaSignatureW
ApplyDeltaProvidedB
DeltaFree
DeltaNormalizeProvidedB
ApplyDeltaB
GetDeltaSignatureB
GetDeltaInfoW
CreateDeltaB

dwmapi

DwmGetWindowAttribute
DwmDefWindowProc
DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea
DwmGetColorizationColor
DwmGetCompositionTimingInfo
DwmSetWindowAttribute

d3d9

D3DPERF_EndEvent
D3DPERF_SetMarker
Direct3DCreate9
D3DPERF_GetStatus
D3DPERF_BeginEvent

dxgi

CreateDXGIFactory
CreateDXGIFactory1

bcrypt

BCryptGenRandom

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 1nf47(ubR--

5f36d255575bd16060ed219d9fd2dbcc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

winmm

version

msdelta

dwmapi

d3d9

dxgi

bcrypt

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.rdata Size: 344KB - Virtual size: 344KB

.data Size: 3.4MB - Virtual size: 3.4MB

.pdata Size: 111KB - Virtual size: 110KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 93KB - Virtual size: 92KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 6.2MB - Virtual size: 6.2MB

.rdata
Size: 344KB - Virtual size: 344KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.pdata
Size: 111KB - Virtual size: 110KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 93KB - Virtual size: 92KB

.reloc
Size: 8KB - Virtual size: 7KB