7f624a8edced8677c0dee6452f770ec0_console[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7f624a8edced8677c0dee6452f770ec0_console.exe
Size

139KB
MD5

7f624a8edced8677c0dee6452f770ec0
SHA1

b21c394c53cf5b06ea64d7d8c2d55cc218838107
SHA256

4c49dcabbff36b0117706bd5dbe1c469d9bc1f5dbedb19fa68636665c22c064a
SHA512

20dce47d976f21953150294584414c79c8d42df52a2bb63231bc7338e0aec0bc7d0bc95eafb8f42eced530ec4cebba70f52348c1f5075b3cec6f2a6b05c3432a
SSDEEP

3072:TPtBaMKbTCFh7uMwqrz9gnj2lbYSrJSVdlZ/P:TLW6hmozqSlXFSBZn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f624a8edced8677c0dee6452f770ec0_console.exe

Files

7f624a8edced8677c0dee6452f770ec0_console.exe
.exe windows:4 windows x86

c5e29b4bd6d2967cc5c11c890bfdbfed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetTempPathA
lstrcatA
GetLastError
lstrlenA
DeleteFileA
WaitForSingleObject
CreateProcessA
FindFirstFileA
GetModuleFileNameA
GetVersion
GetModuleHandleA
lstrcpyA
TerminateProcess
GetShortPathNameA
SetStdHandle
SetEndOfFile
VirtualAlloc
HeapAlloc
GetProcAddress
SetFilePointer
WriteFile
HeapFree
VirtualFree
HeapCreate
RtlUnwind
GetFileType
GetStdHandle
HeapDestroy
GetOEMCP
GetACP
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
GetCPInfo
FreeEnvironmentStringsW
GetEnvironmentStrings
UnhandledExceptionFilter
GetCommandLineA
FreeEnvironmentStringsA
LoadLibraryA
ReadFile
GetCurrentProcess
GetTickCount
GetStartupInfoA
ExitProcess
FlushFileBuffers
CloseHandle
CreateFileA

user32

GetMessageA
MessageBoxA
TranslateMessage
LoadStringA
RegisterClassA
RegisterClassExA
LoadIconA
wsprintfA
GetDlgItemTextA
ShowWindow
EndDialog
SetDlgItemInt
IsDlgButtonChecked
GetDlgItemInt
SetDlgItemTextA
GetDlgItem
EnableWindow
SetFocus
SetWindowTextA
CheckDlgButton
DefWindowProcA
DialogBoxParamA
DestroyWindow
GetDC
WinHelpA
PostQuitMessage
SetScrollRange
ReleaseDC
CreateWindowExA
DispatchMessageA
SetScrollPos
LoadCursorA

comdlg32

GetSaveFileNameA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.erdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5e29b4bd6d2967cc5c11c890bfdbfed

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 1024B - Virtual size: 943B

.data Size: 11KB - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.erdata Size: 20KB - Virtual size: 20KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 1024B - Virtual size: 943B

.data
Size: 11KB - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.erdata
Size: 20KB - Virtual size: 20KB