vvlRR3S7p3xD[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

vvlRR3S7p3xD.exe
Size

24.9MB
MD5

603a4629bba05e5beb5bde51113f13f3
SHA1

4faae7867a7419116762c45b83a3da7c3bdab5e0
SHA256

549324610ed86ba446ce6977d045c25d540b2d8df97df32e46f87ec44c93e708
SHA512

dd06300f26b056d38a2ca755f57ecc1030107a1758c642d0dce7ac652d24488238fe73d485a65ae2b48391b8613809a394734cbf7a9dffebfc9af34922a77560
SSDEEP

393216:xqdzJiIq6n3XWVQl4SzGWG8PSHxh+jyS2vQTGNIw7OXCysGaw9R6H3eG86E:kn3X/ldnPSHxw3aNmXX6XeG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vvlRR3S7p3xD.exe

Files

vvlRR3S7p3xD.exe
.exe windows:6 windows x64 arch:x64

ea89fe3ee78d7284b20abc1044186ac3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

socket

d3d9

Direct3DCreate9

kernel32

RtlAddFunctionTable
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetCursorPos

advapi32

RegCloseKey

d3dx9_43

D3DXCreateTextureFromFileInMemory

imm32

ImmReleaseContext

xinput1_3

ord2

Sections

.text
Size: - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 691KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fptable
Size: - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6^N
Size: - Virtual size: 14.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.JVn
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.{lS
Size: 24.9MB - Virtual size: 24.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea89fe3ee78d7284b20abc1044186ac3

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

d3d9

kernel32

user32

advapi32

d3dx9_43

imm32

xinput1_3

Sections

.text Size: - Virtual size: 881KB

.rdata Size: - Virtual size: 205KB

.data Size: - Virtual size: 691KB

.pdata Size: - Virtual size: 36KB

_RDATA Size: - Virtual size: 500B

.fptable Size: - Virtual size: 256B

.6^N Size: - Virtual size: 14.5MB

.JVn Size: 3KB - Virtual size: 3KB

.{lS Size: 24.9MB - Virtual size: 24.9MB

.text
Size: - Virtual size: 881KB

.rdata
Size: - Virtual size: 205KB

.data
Size: - Virtual size: 691KB

.pdata
Size: - Virtual size: 36KB

_RDATA
Size: - Virtual size: 500B

.fptable
Size: - Virtual size: 256B

.6^N
Size: - Virtual size: 14.5MB

.JVn
Size: 3KB - Virtual size: 3KB

.{lS
Size: 24.9MB - Virtual size: 24.9MB