39d11a7c0c4286ab2fa318d37cb3c3f3[.]exe

Resubmissions

11/04/2024, 07:38

240411-jgeysahh8y 7

11/04/2024, 07:37

11/04/2024, 07:37

11/04/2024, 07:36

11/04/2024, 07:36

07/04/2024, 09:41

07/04/2024, 09:41

07/04/2024, 09:41

07/04/2024, 09:41

Sharing

Copy URL

Twitter E-mail

General

Target

39d11a7c0c4286ab2fa318d37cb3c3f3.exe
Size

1.9MB
MD5

39d11a7c0c4286ab2fa318d37cb3c3f3
SHA1

c18444d8d82b628100ac6d7b33c873884be99897
SHA256

48ee5e003fdd3d8c6b50ffb7931e5562ef3d04b7b411d8cf89118655da5c0e03
SHA512

3b24266cfda84af111551bb35111b1816739ffb971ee9ed26f20d3463abb7e7cc7f301bd29b0fed9f68b40a2e43e8b8fbb3c3776f3ea78eb875e0327f52d5a10
SSDEEP

49152:CeZz2gwNjPDGrcflSdRwwlM2oTPHUcmdfgL:hQg0iyqwwlJyLmB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39d11a7c0c4286ab2fa318d37cb3c3f3.exe

Files

39d11a7c0c4286ab2fa318d37cb3c3f3.exe
.exe windows:5 windows x86 arch:x86

a010ada1aa352a4971def9619d728b6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
GetLocaleInfoA
CommConfigDialogA
ConvertThreadToFiber
UpdateResourceA
InterlockedIncrement
InterlockedDecrement
GetNamedPipeHandleStateA
WriteConsoleInputA
SetVolumeMountPointW
GetModuleHandleW
LocalFlags
GetWindowsDirectoryA
GetCompressedFileSizeW
GetVolumePathNameW
GlobalAlloc
LoadLibraryW
GetVersionExW
GetConsoleAliasW
WriteConsoleW
WritePrivateProfileSectionW
ReadFile
GetStartupInfoW
FindFirstFileW
GetShortPathNameA
GetCPInfoExW
GetLastError
GetProcAddress
HeapSize
PeekConsoleInputW
IsValidCodePage
OpenWaitableTimerA
WriteConsoleA
LocalAlloc
BuildCommDCBAndTimeoutsW
FindFirstVolumeMountPointW
UpdateResourceW
FreeEnvironmentStringsW
FindNextFileW
GetCurrentDirectoryA
WaitForDebugEvent
GetVolumeNameForVolumeMountPointW
GlobalAddAtomW
GetProfileSectionW
CreateFileW
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetCommandLineW
LocalUnlock
VirtualUnlock
DebugActiveProcess
GetConsoleCP
SetFilePointer
IsValidLocale
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
DeleteFileA
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
IsProcessorFeaturePresent
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetACP
GetOEMCP
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
WriteFile
GetModuleFileNameW
GetModuleFileNameA
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
CloseHandle

user32

GetDlgCtrlID
CharToOemBuffA
CharUpperBuffW

gdi32

GetCharWidthW

advapi32

DuplicateToken

winhttp

WinHttpCloseHandle

msimg32

AlphaBlend

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

a010ada1aa352a4971def9619d728b6a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winhttp

msimg32

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 1.7MB - Virtual size: 6.4MB

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 1.7MB - Virtual size: 6.4MB

.rsrc
Size: 39KB - Virtual size: 38KB