XVleXFxYIDM4MmRiZWYzNzI1N2JmZWY4Nzg2ZDM0MWZkOWE0ZjRi[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

XVleXFxYIDM4MmRiZWYzNzI1N2JmZWY4Nzg2ZDM0MWZkOWE0ZjRi.exe
Size

5.0MB
MD5

59ebfb71d3e760ac250b314b58456496
SHA1

668b404dfe8d1f0a7e915dcfcb2472bec54211c0
SHA256

a6b105ceb000d82826e261d15822c3d0335e86a2a3ed87ae1721b741fb8b366d
SHA512

bc892ed11674420cbba378fff40a6e53d4084f1f0a608a88e03c08029382e38cbf716b37e73513082ca4fb0dd23ba57cf9688bc246720184bf30b521de848a68
SSDEEP

98304:MoMUg6yKfS1Bsg2WpVkIAMP74bQON5XZVpniDtECJxBRnKmZW/VkwZq7oIoT:M+MySQWpVFAcMMOHXb4S4RJWOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XVleXFxYIDM4MmRiZWYzNzI1N2JmZWY4Nzg2ZDM0MWZkOWE0ZjRi.exe

Files

XVleXFxYIDM4MmRiZWYzNzI1N2JmZWY4Nzg2ZDM0MWZkOWE0ZjRi.exe
.exe windows:6 windows x64 arch:x64

186e9c81445a5cf0d38833ff0ef51793

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA

user32

DestroyIcon

gdi32

SetPixelFormat

advapi32

GetTokenInformation

shell32

DragQueryPoint

ole32

CreateStreamOnHGlobal

ws2_32

inet_addr

opengl32

glPushAttrib

imm32

ImmSetCandidateWindow

wtsapi32

WTSEnumerateProcessesA

shlwapi

PathStripPathA

ntdll

RtlVirtualUnwind

wininet

HttpOpenRequestA

urlmon

URLDownloadToFileW

gdiplus

GdipGetImageEncodersSize

Sections

.text
Size: - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T-+
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.7*X
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.av4
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

186e9c81445a5cf0d38833ff0ef51793

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

opengl32

imm32

wtsapi32

shlwapi

ntdll

wininet

urlmon

gdiplus

Sections

.text Size: - Virtual size: 825KB

.rdata Size: - Virtual size: 270KB

.data Size: - Virtual size: 291KB

.pdata Size: - Virtual size: 31KB

_RDATA Size: - Virtual size: 244B

.T-+ Size: - Virtual size: 3.5MB

.7*X Size: 512B - Virtual size: 336B

.av4 Size: 5.0MB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 825KB

.rdata
Size: - Virtual size: 270KB

.data
Size: - Virtual size: 291KB

.pdata
Size: - Virtual size: 31KB

_RDATA
Size: - Virtual size: 244B

.T-+
Size: - Virtual size: 3.5MB

.7*X
Size: 512B - Virtual size: 336B

.av4
Size: 5.0MB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B