selenium-manager[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

selenium-manager.exe
Size

4.0MB
MD5

43511bc0b0c93795ac183513350713d1
SHA1

d4b250ad1d96282bd46fcdf5f9c05d40f27f892b
SHA256

13bd63fa51a75bbf1b98beb221edceed3f33bacf2e3b25cd39ef4e6ac84371eb
SHA512

288c44a41785310061e1ad5638a5d42c880224fab2b7a10112a31aba35ac41b4b849ee27c8622d2190ed6400957ba03119eebbd88e0eb9fd76cd279eba734111
SSDEEP

49152:yrGhk4IOHpdrbBaTO1r/jKai1SB04Sjzaz9U9fc7FjPIaN7G8yzEmivxsyGg2IUP:VH5HpraTOF/jos0bjOz9OklyHiv3R+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
selenium-manager.exe

Files

selenium-manager.exe
.exe windows:6 windows x86 arch:x86

1d4b00e48c5e811dd385e4d9219a4ec7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

bcrypt

BCryptGenRandom

advapi32

SystemFunction036
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

kernel32

CloseHandle
SwitchToThread
ReleaseSRWLockExclusive
GetCommandLineW
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetLastError
HeapFree
HeapReAlloc
GetConsoleMode
SetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetFileSizeEx
HeapSize
lstrlenW
TryAcquireSRWLockExclusive
TlsGetValue
TlsSetValue
AcquireSRWLockExclusive
SetFileTime
GetConsoleOutputCP
FlushFileBuffers
DecodePointer
GetBinaryTypeW
GetStdHandle
GetFileType
GetFileInformationByHandleEx
LCMapStringW
GetQueuedCompletionStatusEx
CompareStringW
CreateIoCompletionPort
SetFileCompletionNotificationModes
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
GetFileInformationByHandle
WakeAllConditionVariable
SetLastError
WaitForMultipleObjects
GetOverlappedResult
WaitForSingleObject
GetExitCodeProcess
CopyFileExW
SetHandleInformation
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
GetCurrentThread
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
MultiByteToWideChar
WriteConsoleW
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleW
FormatMessageW
GetCurrentDirectoryW
ReleaseMutex
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
CreateMutexA
RtlCaptureContext
GetEnvironmentVariableW
GetTempPathW
GetModuleFileNameW
CreateFileW
SetFileInformationByHandle
GetFullPathNameW
GetFinalPathNameByHandleW
SetFilePointerEx
FindNextFileW
CreateDirectoryW
FindFirstFileW
FindClose
GetCPInfo
GetOEMCP
GetACP
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateNamedPipeW
CreateThread
ReadFileEx
SleepEx
WriteFileEx
CreateEventW
CancelIo
ReadFile
ExitProcess
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
DeleteFileW
MoveFileExW
SleepConditionVariableSRW
CreateSymbolicLinkW
CreateHardLinkW
SetFileAttributesW
WakeConditionVariable
PostQueuedCompletionStatus
IsValidCodePage
FindFirstFileExW
GetSystemInfo
OutputDebugStringW
GetCommandLineA
WriteFile
GetModuleHandleExW
RaiseException
LoadLibraryExW
FreeLibrary
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

ws2_32

freeaddrinfo
getaddrinfo
bind
shutdown
connect
recv
ioctlsocket
WSASocketW
WSASend
closesocket
WSAIoctl
WSACleanup
setsockopt
send
getsockname
WSAGetLastError
getpeername
getsockopt
WSAStartup

ntdll

NtCancelIoFileEx
NtWriteFile
RtlNtStatusToDosError
NtDeviceIoControlFile
NtCreateFile
NtReadFile

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d4b00e48c5e811dd385e4d9219a4ec7

Headers

DLL Characteristics

File Characteristics

Imports

bcrypt

advapi32

kernel32

shell32

ole32

ws2_32

ntdll

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 6KB - Virtual size: 9KB

.reloc Size: 93KB - Virtual size: 92KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 6KB - Virtual size: 9KB

.reloc
Size: 93KB - Virtual size: 92KB