b685dde2a62e7db4fb7189373e8a9e1f9618385be1c03[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b685dde2a62e7db4fb7189373e8a9e1f9618385be1c03.exe
Size

2.8MB
MD5

40d4a0fa0cd5b7df36808379296b57fc
SHA1

7154a6d777a1bbeb766b0e0fac95ce9f09740dc4
SHA256

b685dde2a62e7db4fb7189373e8a9e1f9618385be1c03411ce202a2a757712f4
SHA512

3cc33c24bcd31d70ab4a19663743d9b455ce430adbb7a894642205b3e4385894d1fed0067406e68ca9bfd7e76a61cd4d2ef1d43338fd9f4e801bba0aae189479
SSDEEP

49152:Ph0h+60pVW24ec06KvLph1aXUjNSdPoQhex:x60Cle5hka4dPoQhU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b685dde2a62e7db4fb7189373e8a9e1f9618385be1c03.exe

Files

b685dde2a62e7db4fb7189373e8a9e1f9618385be1c03.exe
.exe windows:6 windows x64 arch:x64

e15f48dc5703383815ef01024cf1426a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

SetTimer
DispatchMessageW
TranslateMessage
KillTimer
GetMessageW

oleaut32

SafeArrayPutElement
SysAllocString
SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate

kernel32

GetSystemTimeAsFileTime
FlushFileBuffers
HeapSize
SetFilePointerEx
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
GetFileType
CreateFileA
GetDiskFreeSpaceExA
GetFileSize
GetTempFileNameW
ReadFile
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetSystemTime
VirtualProtect
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
lstrcpyW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
LocalFree
CompareStringEx
GetCPInfo
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
HeapReAlloc
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
EnumSystemLocalesW
CreateFileW
GetConsoleMode
RaiseException
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetConsoleOutputCP

ntdll

RtlPcToFileHeader
RtlUnwindEx

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 343KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e15f48dc5703383815ef01024cf1426a

Headers

DLL Characteristics

File Characteristics

Imports

user32

oleaut32

kernel32

ntdll

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 343KB - Virtual size: 348KB

.pdata Size: 17KB - Virtual size: 16KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 343KB - Virtual size: 348KB

.pdata
Size: 17KB - Virtual size: 16KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 3KB - Virtual size: 3KB