8df021c59246b5e6e24fa2bf029edae29f94ff06fb7afa679fb74200d7c06915[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8df021c59246b5e6e24fa2bf029edae29f94ff06fb7afa679fb74200d7c06915.exe
Size

1015KB
MD5

64b3f812f4c039da7641f40b849c9310
SHA1

95855b3cf5119375fbdde69a46eab8c9be61b155
SHA256

8df021c59246b5e6e24fa2bf029edae29f94ff06fb7afa679fb74200d7c06915
SHA512

97b51fc4fb8f849ecf42ec70cb44c299bcda79570faf6b4cec7bff8d27cb307d904b929a671f41a6ed73719f26512f46d15d18632039d8927a2e7b9169d96a9c
SSDEEP

24576:hgHRpqQhfjvVRsecxaOF3qxKHL+Wj4QDSa+Glzn4243+oRFNgg5Hwdk:hgrqQpVcxae3v6MSa3lTyfRTgSQdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8df021c59246b5e6e24fa2bf029edae29f94ff06fb7afa679fb74200d7c06915.exe

Files

8df021c59246b5e6e24fa2bf029edae29f94ff06fb7afa679fb74200d7c06915.exe
.dll windows:5 windows x86 arch:x86

f4f8fbf00f18abec95a604a0e1a33515

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocStringLen
VariantClear
SysFreeString
SysStringLen
SysAllocString
VariantCopy

user32

CharPrevExA
CharUpperW

kernel32

ResetEvent
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
GetModuleHandleA
GetFileAttributesW
ReadFile
WriteFile
CompareFileTime
GetSystemInfo
DosDateTimeToFileTime
FileTimeToDosDateTime
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
LocalFileTimeToFileTime
GetVersionExW
DeleteCriticalSection
FileTimeToLocalFileTime
QueryPerformanceCounter
VirtualAlloc
VirtualFree
WaitForSingleObject
CreateEventW
SetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
HeapDestroy
Sleep
ExitProcess
HeapSize
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 778KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4f8fbf00f18abec95a604a0e1a33515

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 778KB - Virtual size: 777KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 5KB - Virtual size: 41KB

.rsrc Size: 95KB - Virtual size: 94KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 778KB - Virtual size: 777KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 5KB - Virtual size: 41KB

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 34KB - Virtual size: 34KB