Static task: static1
Behavioral task: behavioral1
Sample: dx2vxp9gf5u463.exe
Resource: win7-20231025-en
Behavioral task: behavioral2
Sample: dx2vxp9gf5u463.exe
Resource: win10v2004-20231023-en
General
Target: dx2vxp9gf5u463.exe
Size: 2.1MB
MD5: 49b7a81c39c76490387e7490a6432c4f
SHA1: e8222b479e6d2094c31aec9f6160adc8045be544
SHA256: 6460e932d263bf69379d397644f02036dfe83754f7c3810895aafcf7901eb65c
SHA512: 4db4a32aeffafec3a70e509a8a2b79c31953eed509d4f8600447d7d2d9b1d77d4776507c8e3ed4e9e16a44953088c027aba6b627c48075d45cb97d9f8c777aa4
SSDEEP: 49152:haT7WTWiUwd5ZsDcMKcPU49OSreIlo6ZREOOXeSBtefW5w+Pi+CyiKvv:k7WTZ9bp4em38bXJBFjotKvv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dx2vxp9gf5u463.exe
Files
dx2vxp9gf5u463.exe.exe windows:6 windows x64
ba4ff8b43bf50438f2c00a55e2357900
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegOpenKeyExA
user32
CreateWindowExW
shell32
SHGetDiskFreeSpaceExW
kernel32
GetModuleHandleA
Sections
.text Size: - Virtual size: 949KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: - Virtual size: 334KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 848B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE