Static task
static1
Behavioral task
behavioral1
Sample
67fd310280e558947e9673a8477bc830.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
67fd310280e558947e9673a8477bc830.exe
Resource
win10v2004-20231215-en
General
Target
67fd310280e558947e9673a8477bc830.exe
Size
270KB
MD5
67fd310280e558947e9673a8477bc830
SHA1
bcfde98883a8dc333d421d2356c7c6d1a4d23843
SHA256
bd40b000e9e2040cdc3636b8ae35550c97bdec758791faae2b816acc3e6c4df2
SHA512
05612f7cf03aa2af04db36b4ad225e66ac15ac2a831b91970c0dfdbd139d1b12bda9180c68f336c5be6742173c242dcd3c240dc3bba7236133ecc0aa913a14e7
SSDEEP
6144:3eF9NmLlAnq+r5AT17WOLBoNfj60ed0prdYrHi:3ezqi9rOTtXVoNfjYdcBYrC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 67fd310280e558947e9673a8477bc830.exe
Files
67fd310280e558947e9673a8477bc830.exe.exe windows:4 windows x64 arch:x64
827dff750df061800266a8567fedfbc8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
InitializeCriticalSection
DeviceIoControl
CreateFileA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
GetTickCount
ReadFile
GetFileSize
GetModuleFileNameA
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentThreadId
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
CancelWaitableTimer
VirtualFree
VirtualAlloc
Sleep
__C_specific_handler
SetThreadPriority
DeleteCriticalSection
GetCurrentThread
MultiByteToWideChar
ResumeThread
DisconnectNamedPipe
CancelIo
WriteFile
ConnectNamedPipe
FlushFileBuffers
LocalFree
CreateNamedPipeA
LocalAlloc
GetProcAddress
LoadLibraryA
GetSystemTimeAdjustment
GetSystemTime
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
ResetEvent
EnterCriticalSection
LeaveCriticalSection
CreateThread
WaitForSingleObject
TerminateThread
GetExitCodeThread
WaitForSingleObjectEx
SetEvent
CloseHandle
CreateEventA
GetThreadPriority
GetLastError
VirtualQuery
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapReAlloc
IsBadCodePtr
QueryPerformanceCounter
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
HeapAlloc
RaiseException
RtlPcToFileHeader
HeapFree
ExitThread
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
HeapSetInformation
HeapCreate
ExitProcess
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
advapi32
SetSecurityDescriptorDacl
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegisterServiceCtrlHandlerExA
SetServiceStatus
InitializeSecurityDescriptor
ws2_32
WSAGetLastError
socket
setsockopt
htons
connect
gethostbyname
ioctlsocket
shutdown
select
__WSAFDIsSet
recv
send
WSACleanup
WSAStartup
inet_addr
closesocket
shlwapi
SHDeleteKeyA
Sections
.text Size: 209KB - Virtual size: 208KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ