5A97KwGuTChEcL[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5A97KwGuTChEcL.exe
Size

20.7MB
MD5

eda3ddad6510317788ae60ef0e883a0f
SHA1

09ee4c440dc209a3068a65c6ca7738e0f3b49f84
SHA256

29d1dccfaa8ae3532d3c75e08fb5cae81481638e527d296cfb321488e7612edb
SHA512

36ff65a1ae660c12afc2a6467ff5eb26781071f93e8d40ebe560720f55947345a25a39af477f774615f1c5cbf6fc18c5437f1b3c421287a6fc001f691ca8020f
SSDEEP

393216:Tcxz4D9wtXCNjBeVxNQmh4zkHeU9DwRi5vgQsdhSJ7EwF5Yk:TYz4hwtXlik+zRAgFvO95Yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5A97KwGuTChEcL.exe

Files

5A97KwGuTChEcL.exe
.exe windows:6 windows x64

ee7230a33c148b88d80bc3e112f999af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.tusatem
Size: - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.imqds
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yblfynf
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byaj
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bjqsrfm
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sjqxmu
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zckuu
Size: - Virtual size: 140B

.ngvbba
Size: - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ksofr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pfmvib
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.egyl
Size: - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.znebw
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.npfu
Size: 20.7MB - Virtual size: 20.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ryxbxd
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee7230a33c148b88d80bc3e112f999af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.tusatem Size: - Virtual size: 298KB

.imqds Size: - Virtual size: 97KB

.yblfynf Size: - Virtual size: 25KB

.byaj Size: - Virtual size: 13KB

.bjqsrfm Size: - Virtual size: 56B

.sjqxmu Size: - Virtual size: 8KB

.zckuu Size: - Virtual size: 140B

.ngvbba Size: - Virtual size: 9B

.ksofr Size: - Virtual size: 4KB

.pfmvib Size: - Virtual size: 4KB

.egyl Size: - Virtual size: 13.8MB

.znebw Size: 3KB - Virtual size: 2KB

.npfu Size: 20.7MB - Virtual size: 20.7MB

.ryxbxd Size: 512B - Virtual size: 422B

.tusatem
Size: - Virtual size: 298KB

.imqds
Size: - Virtual size: 97KB

.yblfynf
Size: - Virtual size: 25KB

.byaj
Size: - Virtual size: 13KB

.bjqsrfm
Size: - Virtual size: 56B

.sjqxmu
Size: - Virtual size: 8KB

.zckuu
Size: - Virtual size: 140B

.ngvbba
Size: - Virtual size: 9B

.ksofr
Size: - Virtual size: 4KB

.pfmvib
Size: - Virtual size: 4KB

.egyl
Size: - Virtual size: 13.8MB

.znebw
Size: 3KB - Virtual size: 2KB

.npfu
Size: 20.7MB - Virtual size: 20.7MB

.ryxbxd
Size: 512B - Virtual size: 422B