PDB Path: C:\Documents and Settings\Administrator\Desktop\ShellExec\out\release\hyubgycdixpm.pdb
Static task
- static1
Behavioral task behavioral1
- Sample: _-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--.dll
- Resource: win7-20240221-en
Behavioral task behavioral2
- Sample: _-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--.dll
- Resource: win10v2004-20240226-en
General
- Target: _-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--._-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--
- Size: 6.1MB
- MD5: bc0a9fc9af2ee27b4f5a230c68deded0
- SHA1: 0e2787ab2893fe55aea6b4157b604fe46ed40621
- SHA256: d4105de123dafd7715ee1d2f818c919e31840ea020186aa591af84535570365c
- SHA512: 57ce1c0e55fdc0b0a39a43d8fb06e5a50f56a433b600b4da660e416f645b1b21462606837279ad27bb7233a4d2e4664c18687cae079a3c82bd81a4ddefb562ad
- SSDEEP: 98304:FRJ4BB1/laElvnPD3dLKEewX1jv9yNz7yaJ5O9WOT+ggKqWm/lWdeNN:6BvtaQLR/1v9yNzRKPagaVWkN
Malware Config
(none extracted)
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature. The file carries no certificate table. On its own this is a weak indicator, since a great deal of legitimate software is also unsigned, but it does mean that nothing vouches for the publisher of this DLL.
  resource _-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--._-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--
Files
- _-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--._-_--_-_-_-_--_-_-_-_-__-_-_-_--_-_-_-_--_-_-_-_--_-_-_-_-_-_--.dll windows:5 windows x86 arch:x86
  2b8c4761e4ca1944ca8f8a7658d2a322 (shown unlabelled in the report; by its position and length this is most likely the import hash)
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT (the image opts in to ASLR and DEP; that does not stop it from changing page protections itself through the imported VirtualProtect)
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DLL (a 32-bit DLL)
PDB Paths: see the PDB path at the head of this report (a release build out of a "ShellExec" project directory under a C:\Documents and Settings profile, which is the Windows XP/2003 profile root, with a random-looking PDB file name)
Imports (grouped per DLL, in the order the report lists them)
kernel32: HeapAlloc, ReadConsoleA, GetModuleHandleExW, SetHandleInformation, GetCurrentThread, GetProcessHeap,
  FormatMessageA, GetCurrencyFormatW, LoadLibraryW, Sleep, lstrcatA, MultiByteToWideChar, lstrlenW, GetFileSizeEx,
  GetStdHandle, GetLastError, GetProcAddress, LoadResource, CreateFileMappingA, LocalAlloc, LockResource,
  GetModuleFileNameA, GetModuleHandleA, VirtualProtect, GetCurrentDirectoryA, lstrcpyA, CloseHandle, CreateFileW,
  WriteConsoleW, SetStdHandle, HeapSize, CompareStringW, MapViewOfFile, FindResourceW, lstrlenA, FindResourceA,
  CreateFileA, LoadLibraryA, GetCommandLineW, RtlUnwind, WideCharToMultiByte, GetTimeFormatA, GetDateFormatA,
  HeapReAlloc, GetSystemTimeAsFileTime, GetCurrentThreadId, DecodePointer, GetCommandLineA, RaiseException,
  TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent,
  EncodePointer, HeapFree, IsProcessorFeaturePresent, GetModuleHandleW, ExitProcess, WriteFile, GetModuleFileNameW,
  HeapCreate, HeapDestroy, SetEnvironmentVariableA, SetEnvironmentVariableW, InitializeCriticalSectionAndSpinCount,
  DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree,
  InterlockedIncrement, SetLastError, InterlockedDecrement, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage,
  GetTimeZoneInformation, GetStringTypeW, LCMapStringW, SetHandleCount, GetFileType, GetStartupInfoW,
  FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId,
  SetFilePointer, GetConsoleCP, GetConsoleMode, FlushFileBuffers
user32: wsprintfA, GetScrollRange, CreateWindowExA, FindWindowA, GetScrollPos, RegisterWindowMessageA, CopyImage
gdi32: GdiFlush
advapi32: RegEnumKeyA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey
shlwapi: PathRemoveFileSpecA, PathStripPathA
Worth a second look when triaging: FindResourceA/FindResourceW, LoadResource and LockResource next to VirtualProtect, LoadLibraryA/LoadLibraryW and GetProcAddress (loading, unprotecting and resolving code or data at run time); CreateFileMappingA with MapViewOfFile (mapping a file into memory); RegEnumKeyA, RegOpenKeyExA and RegQueryValueExA (registry enumeration); FindWindowA. IsDebuggerPresent, EncodePointer/DecodePointer, IsProcessorFeaturePresent, the Tls*, *CriticalSection and Heap* functions and the code-page and environment-string calls are the standard imports of the MSVC C runtime startup and are not on their own evidence of anti-analysis behaviour.
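The unlabelled 32-hex value beside the file entry earlier in this report is most likely the import hash (imphash), which is computed from exactly the kind of import table listed above. The following is an added example, not code from the report or its tooling; it implements the widely used algorithm that pefile's get_imphash follows: lower-case each DLL name, strip a trailing .dll/.ocx/.sys, lower-case each imported symbol, render ordinals as "ordN", join the "lib.symbol" entries with commas in import-table order and MD5 the result. SAMPLE_IMPORTS is a constructed excerpt of the imports above. Because the hash depends on the complete table in on-disk order, which a sandbox listing need not preserve, the value it yields is not expected to match the report's; the point is the derivation, the case folding and the ordinal handling.

```python
"""Import hash (imphash) from an ordered import list.

Added example, not the sandbox's code.  The algorithm follows pefile's
get_imphash(); the one simplification is that well-known ws2_32/oleaut32
ordinals are not mapped back to names before hashing.
"""
import hashlib


def imphash_input(imports):
    """Canonical string the imphash digests: 'lib.symbol' entries joined by commas.

    `imports` holds (dll_name, symbol) pairs in import-table order, where
    `symbol` is a function name or an int ordinal.  The DLL name is lower-cased
    and loses one trailing .dll/.ocx/.sys; names are lower-cased; ordinals
    become 'ordN'.
    """
    entries = []
    for dll, symbol in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = base                      # "kernel32.dll" -> "kernel32"
        if isinstance(symbol, int):
            name = "ord%d" % symbol         # simplification: no ordinal-to-name lookup table
        else:
            name = symbol.lower()
        entries.append("%s.%s" % (lib, name))
    return ",".join(entries)


def imphash(imports):
    """MD5 of the canonical import string, as a lower-case hex digest."""
    return hashlib.md5(imphash_input(imports).encode("utf-8")).hexdigest()


# Constructed excerpt of the import list in the report above (not the full table).
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "HeapAlloc"), ("KERNEL32.dll", "LoadLibraryW"),
    ("KERNEL32.dll", "GetProcAddress"), ("KERNEL32.dll", "VirtualProtect"),
    ("USER32.dll", "FindWindowA"), ("ADVAPI32.dll", "RegOpenKeyExA"),
    ("SHLWAPI.dll", "PathRemoveFileSpecA"),
]

if __name__ == "__main__":
    print(imphash_input(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

To reproduce a sandbox's value for a real file, feed the pairs from the binary's own import directory (for example pefile's DIRECTORY_ENTRY_IMPORT, walking the entries in order) rather than a hand-typed list; a single reordered or missing entry changes the digest completely.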
Exports (9, all with random-looking names)
mq6AQUko48OSim2I, WZesXSYQaGj, hEFrfGVkEhRiskgN, lmjmowvlflcdy, qkjmkdxpdid, reYvcefpGIC, vmvyuivuqyghcems, xybushhxryj, zjqmwdsjoug
Sections
- .text: Size 77KB, Virtual size 76KB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata: Size 24KB, Virtual size 23KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data: Size 6KB, Virtual size 19KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc: Size 512B, Virtual size 436B (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc: Size 7KB, Virtual size 7KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)
The raw section sizes add up to roughly 115KB against a 6.1MB file, so about 6MB sits past the last section as overlay: data the loader never maps, and the first place to look for an appended payload or inflation padding. The 512B .rsrc section is far too small to carry a payload of its own, so whatever the FindResource/LoadResource/LockResource imports fetch is either tiny or comes from another module.
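The header, signature and section facts in this report can be reproduced with a small pure-Python PE parser. The following is an added example, not code from the sandbox or its tooling: it walks the DOS, COFF and optional headers, decodes the DllCharacteristics and file characteristics flags, tests whether a certificate table is present (a zero Security data directory is what an "Unsigned PE" check sees) and measures the overlay, which for this sample is the gap between ~115KB of sections and a 6.1MB file. Field offsets and flag values are from the PE/COFF specification; `os_version` reads MajorOperatingSystemVersion/MinorOperatingSystemVersion, presumably the source of the report's "windows:5" tag. `build_sample_pe` fabricates a tiny PE32 DLL image purely as constructed test input and is not this sample.

```python
"""Pure-stdlib PE header triage: characteristics flags, Authenticode presence,
section table and overlay size (added example, not the sandbox's own code)."""
import struct

# Flag values from winnt.h / the PE-COFF specification.
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
                       0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF"}
SECTION_CHARACTERISTICS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                           0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                           0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table (Authenticode) directory


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def triage_pe(data):
    """Return header facts for the PE image held in `data` (bytes)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:    # PE32+: 64-bit stack/heap fields push both 16 bytes down
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unexpected optional header magic 0x%x" % magic)
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, this entry holds a file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, end_of_sections = [], 0
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name, vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, hdr)
        chars = struct.unpack_from("<I", data, hdr + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": raw_size, "virtual_size": vsize,
                         "flags": _flags(chars, SECTION_CHARACTERISTICS)})
        end_of_sections = max(end_of_sections, raw_ptr + raw_size)
    # Bytes past the last section are overlay; a certificate table parked there is
    # excluded so that a merely signed file is not reported as carrying an overlay.
    cert_bytes = cert_size if cert_off >= end_of_sections else 0
    return {"os_version": (os_major, os_minor),
            "file_flags": _flags(file_chars, FILE_CHARACTERISTICS),
            "dll_flags": _flags(dll_chars, DLL_CHARACTERISTICS),
            "aslr_compatible": bool(dll_chars & 0x0040),
            "dep_compatible": bool(dll_chars & 0x0100),
            "authenticode_present": cert_size != 0,   # presence only, not validity
            "sections": sections,
            "overlay_bytes": max(0, len(data) - end_of_sections - cert_bytes)}


def build_sample_pe(signed=False, overlay=b""):
    """Fabricate a tiny PE32 DLL image (constructed test data, not the report's sample)."""
    cert = b"\0" * 0x40 if signed else b""   # stand-in WIN_CERTIFICATE blob placed at 0x600
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x2102)  # i386, 2 sections, EXE|32BIT|DLL
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x600, len(cert))
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",  # PE32, OS 5.1, DYNAMIC_BASE|NX_COMPAT
                      0x10B, 14, 0, 0x200, 0x200, 0, 0x1000, 0x1000, 0x2000, 0x10000000,
                      0x1000, 0x200, 5, 1, 0, 0, 5, 1, 0, 0x3000, 0x200, 0, 2, 0x0140,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)

    def section(name, vsize, va, raw_size, raw_ptr, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, va, raw_size, raw_ptr, 0, 0, 0, 0, chars)

    headers = (bytes(dos) + b"PE\0\0" + coff + opt
               + section(b".text", 0x1F0, 0x1000, 0x200, 0x200, 0x60000020)
               + section(b".rdata", 0x100, 0x2000, 0x200, 0x400, 0x40000040)).ljust(0x200, b"\0")
    body = b"\xC3" * 0x200 + b"\0" * 0x200    # section contents, ending at file offset 0x600
    return headers + body + cert + overlay
```

Run `triage_pe(open(path, "rb").read())` on a real file. Two caveats a practitioner should keep in mind: `authenticode_present` only says a certificate table exists, which is what an "Unsigned PE" sandbox signature keys on, and says nothing about whether the signature verifies or who signed; and `overlay_bytes` deliberately subtracts a certificate table that sits after the last section, because Authenticode data is itself stored in the overlay and would otherwise make every signed file look packed.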