akJcgxHzirB[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

akJcgxHzirB.exe
Size

6.9MB
MD5

3df6c1aacf0e9b8db1134017b7dfdfd7
SHA1

e0d676cb9bb513bba679a8c8a837bb36a94ec171
SHA256

1a9a862a9e95a0eab6dc096ea5fdf83b97a7b866b7e1876031051d57cae58247
SHA512

2dfdc5ee5c636ebc80babb73947fd14ba6d12d5ec72a5ab69fffb9d7dd12730347cfe4c4a5e182ce55947b620c3f36ceb84173e73effd4d6a3de876f3f39fd61
SSDEEP

196608:xNGZGAwbZ1Y/D7uFi6bXz38vxERbde9qG:x0kAwbiDp6bj8vQIQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
akJcgxHzirB.exe

Files

akJcgxHzirB.exe
.exe windows:6 windows x86 arch:x86

bc0dacce3015b5d0739eab02610e53a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

ws2_32

htons

wldap32

ord143

normaliz

IdnToAscii

kernel32

GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

UpdateWindow
CharUpperBuffW

gdi32

RemoveFontMemResourceEx

advapi32

RegOpenKeyA

libcrypto-3

ERR_print_errors_fp

libssl-3

SSL_connect

wininet

InternetReadFile

urlmon

URLDownloadToFileA

bcrypt

BCryptGenRandom

crypt32

CertGetCertificateChain

Sections

.text
Size: - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.</z
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.>01
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.;]a
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc0dacce3015b5d0739eab02610e53a7

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

d3dx9_43

ws2_32

wldap32

normaliz

kernel32

user32

gdi32

advapi32

libcrypto-3

libssl-3

wininet

urlmon

bcrypt

crypt32

Sections

.text Size: - Virtual size: 795KB

.rdata Size: - Virtual size: 257KB

.data Size: - Virtual size: 432KB

.</z Size: - Virtual size: 3.7MB

.>01 Size: 2KB - Virtual size: 1KB

.;]a Size: 6.9MB - Virtual size: 6.9MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 795KB

.rdata
Size: - Virtual size: 257KB

.data
Size: - Virtual size: 432KB

.</z
Size: - Virtual size: 3.7MB

.>01
Size: 2KB - Virtual size: 1KB

.;]a
Size: 6.9MB - Virtual size: 6.9MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 469B