df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
Size

949KB
MD5

a292fee8d8db83711e72c06d6f82562d
SHA1

82f88c1af036181ee4e92a2f9338c152d1ff0c58
SHA256

df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415
SHA512

50a63500809fdc218b3d1cdc2cf402261e1c2d63c6f66088c857b03f6c7e7165835f9959b9d8200541e6f69dd149bdc0f7c0a0801caaeccfe0a9807e7f8289f1
SSDEEP

12288:RcOlvT7Zom3rITxaVDrd5vUa69Ghj91nlQocyW7/P6E4kKjqnes9PBVW/g:RDJJDbcJ90jtH0bP6ELVne2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe

Files

df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
.exe windows:6 windows x86 arch:x86

0342305287526630b0692bf1d3350409

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetProcAddress
ExitProcess
FreeLibrary
GetEnvironmentStrings
SleepEx
GetTickCount
VirtualAlloc
GetCommandLineA
GetTickCount64
CreateDirectoryA
GetModuleFileNameA
FindFirstFileW
SetHandleCount
VirtualProtect
GetCurrentProcess
GetConsoleOutputCP
lstrlenW
GetStdHandle
WriteConsoleA
DeviceIoControl
GetConsoleCP
LeaveCriticalSection
lstrlenA
LocalAlloc
CreateFileW
GetFileAttributesW
GetCurrentThreadId
lstrcmpA
GetSystemDirectoryW
GetCurrentDirectoryA
GetModuleHandleA
SetFileAttributesW
GetFileInformationByHandle
LocalFileTimeToFileTime
GetFileAttributesA
FindClose
GetCurrentThread
LoadLibraryA
TlsAlloc
FindResourceExW
GetWindowsDirectoryA
LoadResource
FindResourceW
SetStdHandle
SystemTimeToFileTime
GetModuleHandleW
TlsGetValue
TlsFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetProcessHeap
DecodePointer
LCMapStringW
FindNextFileA
LoadLibraryExA
CreateFileA
FindFirstFileA
FreeEnvironmentStringsW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
RaiseException
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
WriteFile
HeapAlloc
HeapFree
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW

user32

GetFocus
GetCaretPos
MessageBoxW
GetClipboardOwner
GetOpenClipboardWindow
GetActiveWindow
GetInputState
MessageBoxA
GetMessageTime
SetWindowsHookExW
GetDesktopWindow
GetProcessWindowStation
GetCursorPos
CloseWindow
DestroyWindow
SendMessageTimeoutA
DefWindowProcA
CreateDialogParamA
PostQuitMessage
FindWindowA
GetClipboardViewer

advapi32

RegCloseKey
RegOpenKeyA
RegEnumKeyA

shlwapi

PathAppendA
PathFileExistsW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 681KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0342305287526630b0692bf1d3350409

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 681KB - Virtual size: 683KB

.rsrc Size: 123KB - Virtual size: 123KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 681KB - Virtual size: 683KB

.rsrc
Size: 123KB - Virtual size: 123KB

.reloc
Size: 6KB - Virtual size: 6KB