fdf50a01a8837c9f4280f3e7f7e336f3cbf93a30c78b48aa50c05b45a7f2ee5b[.]exe

Resubmissions

23/10/2023, 15:49

231023-s9vz5shg5t 9

23/10/2023, 15:21

231023-srhbbshe7x 7

12/10/2023, 20:30

231012-zabksabd6x 7

Sharing

Copy URL Twitter E-mail

General

Target

fdf50a01a8837c9f4280f3e7f7e336f3cbf93a30c78b48aa50c05b45a7f2ee5b.exe
Size

6.4MB
MD5

34e3e94f9955c101640b44926bc44393
SHA1

4a65848af705b2d2b23af0b0795f0ec8bfdc0c69
SHA256

fdf50a01a8837c9f4280f3e7f7e336f3cbf93a30c78b48aa50c05b45a7f2ee5b
SHA512

3bd4c9727072bca3ff5f1b56d0325795975c52e674ea807498bd6695bd583f634398ce31b1d3afd977c133dc6cd93de1ecc15b4c7237beb91bdaaa90f7f748a3
SSDEEP

196608:wFdcod40VI97J1QmbhSDQNiapy4sQv0IgHV9:wLcT97EcADeycXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdf50a01a8837c9f4280f3e7f7e336f3cbf93a30c78b48aa50c05b45a7f2ee5b.exe

Files

fdf50a01a8837c9f4280f3e7f7e336f3cbf93a30c78b48aa50c05b45a7f2ee5b.exe
.dll regsvr32 windows:6 windows x64

db53459cb7c27bb8104be7d6f472c9ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa

kernel32

FindFirstFileExW
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

wsprintfW
CharUpperBuffW

ole32

CoSetProxyBlanket

oleaut32

VariantInit

advapi32

GetTokenInformation

iphlpapi

GetIpNetTable

userenv

DestroyEnvironmentBlock

shlwapi

PathMatchSpecW

netapi32

NetUseEnum

mpr

WNetAddConnection2W

Exports

Exports

DllMain
DllRegisterServer

Sections

.text
Size: - Virtual size: 774KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.z+u
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.1>c
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fTe
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

db53459cb7c27bb8104be7d6f472c9ac

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

ole32

oleaut32

advapi32

iphlpapi

userenv

shlwapi

netapi32

mpr

Exports

Exports

Sections

.text Size: - Virtual size: 774KB

.rdata Size: - Virtual size: 172KB

.data Size: - Virtual size: 2.0MB

.pdata Size: - Virtual size: 33KB

_RDATA Size: - Virtual size: 244B

.z+u Size: - Virtual size: 3.6MB

.1>c Size: 3KB - Virtual size: 3KB

.fTe Size: 6.4MB - Virtual size: 6.4MB

.reloc Size: 512B - Virtual size: 204B

.rsrc Size: 512B - Virtual size: 434B

.text
Size: - Virtual size: 774KB

.rdata
Size: - Virtual size: 172KB

.data
Size: - Virtual size: 2.0MB

.pdata
Size: - Virtual size: 33KB

_RDATA
Size: - Virtual size: 244B

.z+u
Size: - Virtual size: 3.6MB

.1>c
Size: 3KB - Virtual size: 3KB

.fTe
Size: 6.4MB - Virtual size: 6.4MB

.reloc
Size: 512B - Virtual size: 204B

.rsrc
Size: 512B - Virtual size: 434B