Static task
static1
Behavioral task
behavioral1
Sample
vHn3xjt.exe
Resource
win7-20231020-en
General
Target
vHn3xjt.exe
Size
300KB
MD5
e57d1405893f48bacad8acfc6e0f677e
SHA1
e799c03e455aa0f6e2a12a7017eea97c24cbaf09
SHA256
ffee1dd5823819f07e78a39b77ec50a6e2ace983352134647155a52ca58fd44d
SHA512
e07918251b1784648ad80b607e8182ad2b008745f56f7b9813818449c6a8635e65725af0065f44e5bf31a452b1f1725d726a4509299c4f8b0f3eb5061cdaf5ca
SSDEEP
6144:uvWnMqSR7HGAJjwfx6y95mu7OYjHz5++iUHeiedUeDK9/26Zrz:39SBGwjEN80OyV+xU0FDK9/9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource vHn3xjt.exe
Files
vHn3xjt.exe.exe windows:5 windows x86
ba4369bae573036ddae7833163a0833a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetFileAttributesA
CreateDirectoryA
FindResourceA
GetExitCodeThread
HeapSize
FindClose
GetModuleHandleA
GetDriveTypeW
IsValidCodePage
VirtualProtect
SetLastError
GetFileAttributesA
CancelIo
RemoveDirectoryA
MapViewOfFile
GetLocaleInfoA
ResetEvent
GetProcessHeap
CreateMailslotW
GetTickCount
IsBadWritePtr
user32
SetCursor
PostMessageW
DispatchMessageA
LoadCursorA
IsWindow
GetWindowTextW
wsprintfA
LoadImageW
IsDialogMessageA
PeekMessageA
SetFocus
GetWindowLongW
GetCapture
ipsmsnap
DllGetClassObject
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
rasapi32
DwRasUninitialize
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.import Size: 512B - Virtual size: 464B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE