djGZtzQY[.]exe

General

Target

djGZtzQY.exe
Size

31KB
MD5

f59c16c7dd358578529b0132608679f9
SHA1

a84e7888a57d5dd9556f766488557aaddae549ba
SHA256

fe39596f1c0a0781e68cb0eff1f4356f355504525d34b8ae2a1044ee647dae76
SHA512

158836ef2362cd4ab477f1ce74e9dde209c777d91ee4030cc35ac5dce5b4f524309eee8250c64c2aa2a4deee4fd01c182fea8e2e69618ace50297f558013a464
SSDEEP

768:CpfwjIl8XfxrutBVr1e56mlM+z5bu3gPu7Fe:CpfwjK6rUx7mlM+z52gW7Fe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
djGZtzQY.exe

Files

djGZtzQY.exe
.exe windows:6 windows x86 arch:x86

06808242f219c69af05507840ef08387

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
__mb_cur_max
__set_app_type
_beginthread
_errno
_iob
_lock
_unlock
atexit
atoi
fputc
free
localeconv
malloc
memcpy
memset
setlocale
strchr
strerror
strlen
tolower
wcslen

kernel32

CloseHandle
ConnectNamedPipe
CreateEventA
CreateNamedPipeA
CreateProcessA
DeleteCriticalSection
DisconnectNamedPipe
EnterCriticalSection
ExitProcess
GetCurrentProcessId
GetExitCodeProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
ReadFile
SetEvent
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteFile

advapi32

AllocateAndInitializeSid
CloseServiceHandle
DeleteService
EqualSid
FreeSid
GetTokenInformation
InitializeSecurityDescriptor
OpenProcessToken
OpenSCManagerA
OpenServiceA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceCtrlDispatcherA

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06808242f219c69af05507840ef08387

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB