20e537bfd21f45154ef2ae971cd35790_console[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

20e537bfd21f45154ef2ae971cd35790_console.exe
Size

577KB
MD5

20e537bfd21f45154ef2ae971cd35790
SHA1

b0857f657e888630e78bb33ef058ffbfed8de110
SHA256

ee476c39e2e8bb428032fd9c6c4b6bc5ae59f74e1b24ac93cf08eb6a097142c8
SHA512

1d8217835721ea9d5f1a2369e706b22bb2d38a792fa75e9c18d23483ba41c944a6f10c1b28c27c9d177bacaefd3089d3b7df96b5b4cdb4c2cddd9d2028c830d8
SSDEEP

12288:O6bq+LpKcaapN9eXN6EQGjf87NMPrNxj/GTTeAIMBOdZ8TTclQ9rF8v/:W+VKcaapNQdqGjfKMP5xj/G+ztdZ8T81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20e537bfd21f45154ef2ae971cd35790_console.exe

Files

20e537bfd21f45154ef2ae971cd35790_console.exe
.exe windows:4 windows x86

d4fdd7aac9e50f3deabb12752da85a68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptGenRandom

kernel32

CloseHandle
CreateSemaphoreA
CreateThread
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
MoveFileExA
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteConsoleA
WriteConsoleW

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_getcwd
_initterm
_iob
_mkdir
_onexit
_snprintf
_stricmp
_strnicmp
_vsnprintf
_wopen
abort
atof
atoi
atol
bsearch
calloc
exit
fclose
ferror
fflush
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
isspace
malloc
memchr
memcmp
memcpy
memmove
memset
localtime
_getpid
realloc
remove
signal
sprintf
sscanf
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strrchr
strspn
strtol
tolower
vfprintf
time
wcstombs
_stat
_write
_read
_open
_lseek
_close
_chdir

libwinpthread-1

pthread_cond_broadcast
pthread_cond_wait
pthread_getspecific
pthread_key_create
pthread_key_delete
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

shell32

ShellExecuteA

ws2_32

WSAGetLastError
WSAStartup
WSAStringToAddressA
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
htons
ioctlsocket
listen
recv
recvfrom
select
send
sendto
setsockopt
socket

Sections

.text
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 457KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4fdd7aac9e50f3deabb12752da85a68

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

libwinpthread-1

shell32

ws2_32

Sections

.text Size: 401KB - Virtual size: 401KB

.data Size: 11KB - Virtual size: 10KB

.rdata Size: 159KB - Virtual size: 158KB

.bss Size: - Virtual size: 457KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.text
Size: 401KB - Virtual size: 401KB

.data
Size: 11KB - Virtual size: 10KB

.rdata
Size: 159KB - Virtual size: 158KB

.bss
Size: - Virtual size: 457KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B