siq2g8ez[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

siq2g8ez.exe
Size

2.3MB
MD5

cbd9afcfdbcbbf334e1dd9c12d39a050
SHA1

3d7ee7107ee0cf38d0f7a017e0af549b70f83033
SHA256

94cbf70b6d1a280d31b9c9d2aa3bbc3faa4609a8caec8339f9e265fc07c44913
SHA512

064b6b7c75ab4f674a3971b7c4983f0638401caf7e7500b2a004fe59b239bdcc205383efdbfedfd4e6db0f4b48a001c14c55a39ec79bb2da5b088b12f1c8f485
SSDEEP

24576:/Rsv6GfQ1a3TzeWJh1zV+sVuVq7XJ3GG3QyiZVH4xenaTvFjhNesLU:Cv6GFD7zJV3Vu43GpyiH4ykvF1NxLU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
siq2g8ez.exe

Files

siq2g8ez.exe
.exe windows:6 windows x64 arch:x64

70af22963e68621cb4a26bc8c12b498e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDevice

shlwapi

PathCanonicalizeA
PathCanonicalizeW

kernel32

QueryDosDeviceA
ProcessIdToSessionId
OpenProcess
IsWow64Process
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
Module32Next
GetCurrentDirectoryA
GetFileAttributesW
GetTempPathW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemWow64DirectoryA
GetCommandLineW
SetCurrentDirectoryW
GetCurrentProcess
CreateFileA
CreateFileW
LocalFree
K32EnumDeviceDrivers
K32GetDeviceDriverBaseNameA
K32GetDeviceDriverFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationW
AllocConsole
FreeConsole
GlobalUnlock
GlobalLock
WriteConsoleW
SetEndOfFile
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetSystemDEPPolicy
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapReAlloc
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
GetFileAttributesExW
GetExitCodeProcess
HeapAlloc
HeapFree
WriteFile
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
MoveFileExW
ReadFile
LoadLibraryExW
GetModuleFileNameA
GetCurrentDirectoryW
CreateProcessW
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
CreateEventExA
WaitForSingleObject
CloseHandle
GetLogicalDriveStringsA
LoadLibraryA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
GetDriveTypeA
FindFirstFileA
FindClose
Sleep
CreateDirectoryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
DeviceIoControl
GetLastError
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
GetUserDefaultLCID
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx

user32

GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
RegisterClassExW
CreateWindowExA
CreateWindowExW
ShowWindow
SetWindowPos
MessageBoxA
SetTimer
UpdateWindow
SetWindowTextA
GetClientRect
GetWindowLongPtrA
SetWindowLongPtrA
LoadCursorA
LoadIconA
ExitWindowsEx
UnregisterClassW
ShowWindowAsync
MoveWindow
SetForegroundWindow
GetDC
ReleaseDC
GetDlgItem
DestroyWindow
GetWindowRect
GetKeyNameTextA
GetClipboardData
CloseClipboard
OpenClipboard
GetRawInputData
ScreenToClient
MapVirtualKeyA
MessageBoxW
GetWindow
GetTopWindow
GetWindowTextA
PeekMessageA
GetWindowThreadProcessId
EnumWindows
SetProcessDPIAware
GetDesktopWindow
ShowCursor

gdi32

GetStockObject
GetDeviceCaps

comdlg32

GetOpenFileNameW

advapi32

RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
ConvertSidToStringSidA
OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
ChangeServiceConfigA
LookupPrivilegeValueA
IsValidSid
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueA
RegDeleteTreeW
RegCreateKeyW
RegSetValueExW
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitializeSecurity

oleaut32

SysAllocString
SysFreeString
VariantClear

api-ms-win-shcore-scaling-l1-1-1

SetProcessDpiAwareness

ws2_32

socket
select
ioctlsocket
closesocket
__WSAFDIsSet
getaddrinfo
connect
WSAGetLastError
recv
send
WSAStartup
WSACleanup

dxgi

CreateDXGIFactory1

dwmapi

DwmExtendFrameIntoClientArea

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70af22963e68621cb4a26bc8c12b498e

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

api-ms-win-shcore-scaling-l1-1-1

ws2_32

dxgi

dwmapi

setupapi

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 1.1MB - Virtual size: 1.1MB

.pdata Size: 30KB - Virtual size: 29KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.pdata
Size: 30KB - Virtual size: 29KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 4KB - Virtual size: 4KB