666b3b7d630d66d6ec790473768b4a8c[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

666b3b7d630d66d6ec790473768b4a8c.exe
Size

71KB
MD5

666b3b7d630d66d6ec790473768b4a8c
SHA1

fa6f8d37c0a78793d08a2347119ef74b5290bd91
SHA256

c2613228ff8b7d63e7208f16f26f3c44256acba47c98a33d394547e6c1f542c0
SHA512

1283f1d45ec820198108260cb942ff9b3acaa4bbb829245cb98763e8b9e03cb149de74f7eeb9e4208be83caa291d9f38d34586286fee455074a191003e48129a
SSDEEP

768:MZAtTXRp/jEUqHeWPp7cPLih0V3AXDwsIYFeHcT2xcYaTK7y:uCTPrEDpPxcTih0V6DaYmcTGcXT2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
666b3b7d630d66d6ec790473768b4a8c.exe

Files

666b3b7d630d66d6ec790473768b4a8c.exe
.exe windows:4 windows x86 arch:x86

17ba0f4c28ddf925f44a35a27011236f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetDCEx

gdi32

SetROP2

kernel32

Sleep
Sleep
GetSystemTime
Sleep
DeviceIoControl
WriteProcessMemory
GetSystemTimeAsFileTime
SleepEx
CreateFileA
WriteProcessMemory
WaitForSingleObject
CreateProcessA
VirtualProtectEx
VirtualProtect
DeviceIoControl
SleepEx
GetSystemTimeAsFileTime
LoadLibraryExA
TerminateProcess
SleepEx
LoadLibraryExW
WriteProcessMemory
LoadLibraryExA
ReleaseMutex
GetSystemTime
ReleaseMutex
CreateProcessA
ReleaseMutex
CreateProcessA
TerminateProcess
GetSystemTimeAsFileTime
GetProcAddress
GetCurrentDirectoryA
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
GetCommandLineA
TlsGetValue
GetCurrentProcess
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
TerminateProcess
WaitForSingleObject
SleepEx
TerminateProcess
WaitForSingleObject
TerminateProcess
GetStartupInfoA
VirtualProtectEx
ReleaseMutex
LoadLibraryExW
ReleaseMutex
VirtualProtectEx
CreateProcessW
WaitForSingleObjectEx
Sleep
Sleep
WriteProcessMemory
ReadProcessMemory
SleepEx
ReleaseMutex
WaitForSingleObjectEx
DeviceIoControl
Sleep
Sleep
GetStartupInfoA
WaitForSingleObject
CreateProcessW
Sleep
SleepEx
ReadProcessMemory
CreateProcessW
WaitForSingleObject
TerminateProcess
CreateProcessW
CreateProcessA
ReadProcessMemory
WriteProcessMemory
ReadFile
CreateFileA
GetStartupInfoW
WaitForSingleObject
ReleaseMutex
WriteProcessMemory
LoadLibraryA
WaitForSingleObjectEx
TerminateProcess
CreateFileA
WaitForSingleObject
CreateProcessW
CreateFileA
LoadLibraryA
LoadLibraryA
GetSystemTimeAsFileTime
ReleaseMutex
GetStartupInfoA
VirtualProtect
GetSystemTimeAsFileTime
WriteProcessMemory
GetStartupInfoW
CreateProcessA
TerminateProcess
GetStartupInfoW
DeviceIoControl
ReleaseMutex
WaitForSingleObjectEx
GetSystemTimeAsFileTime
LoadLibraryA
WaitForSingleObjectEx
WaitForSingleObjectEx
GetStartupInfoA
CreateProcessW
VirtualProtectEx
CreateProcessW
CreateProcessA
ReadProcessMemory
WaitForSingleObjectEx
GetSystemTime
WriteProcessMemory
Sleep
ReadProcessMemory
ReleaseMutex
CreateProcessA
VirtualProtect
ReadProcessMemory
ReadProcessMemory
CreateFileA
Sleep
GetSystemTime
ReleaseMutex
ReleaseMutex
GetSystemTimeAsFileTime
ReleaseMutex
TerminateProcess
ReleaseMutex
LoadLibraryExA
ReadFile
VirtualProtectEx
LoadLibraryExA
CreateProcessA
GetStartupInfoA
CreateFileA
ReadFile
LoadLibraryExA
VirtualProtect
SleepEx
CreateProcessW
CreateFileA
GetStartupInfoA
CreateFileA
WaitForSingleObject
CreateProcessW
VirtualProtect
LoadLibraryA
LoadLibraryExW
CreateProcessA
GetStartupInfoA
DeviceIoControl
CreateFileA
WriteProcessMemory
ReleaseMutex
LoadLibraryExW
ReleaseMutex
GetSystemTimeAsFileTime
WriteProcessMemory
GetSystemTimeAsFileTime
ReadProcessMemory
VirtualProtect
CreateProcessA
VirtualProtectEx
WaitForSingleObject
WaitForSingleObjectEx

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17ba0f4c28ddf925f44a35a27011236f

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 10KB - Virtual size: 12KB

.itext Size: 46KB - Virtual size: 48KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 12KB

.itext
Size: 46KB - Virtual size: 48KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB