tf2WITkp3GI0IXpT[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

tf2WITkp3GI0IXpT.exe
Size

61.3MB
MD5

c23c9f34942a93c1103f86b27d37d01e
SHA1

8c72a55d0434a023524fbee4dd1cb105118ea914
SHA256

a92567e1b35220cf2a0c81ccf523dd8f80bcd6642f19d1852c415b30f867e645
SHA512

c7506abd1e27e522a0a2a0403d057ff6d5074165de6d84d81e826d69188a4229d9578bdabb0dff9dca02730df77eae6079de7af1b4cf9290d87cf84240457df2
SSDEEP

1572864:ig2N1trYIQehakTpd8rNeVTK8z8T8vL5e1O87pT:igKDjf8p+Rz88m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tf2WITkp3GI0IXpT.exe

Files

tf2WITkp3GI0IXpT.exe
.exe windows:6 windows x64 arch:x64

627b54118e4a7dabcf7ec7f7857a797a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHFileOperationW

kernel32

EnterCriticalSection
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 45.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 61.3MB - Virtual size: 61.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

627b54118e4a7dabcf7ec7f7857a797a

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

Sections

.text Size: - Virtual size: 128KB

.rdata Size: - Virtual size: 50KB

.data Size: - Virtual size: 75KB

.pdata Size: - Virtual size: 6KB

_RDATA Size: - Virtual size: 500B

Size: - Virtual size: 45.6MB

Size: 2KB - Virtual size: 2KB

Size: 61.3MB - Virtual size: 61.3MB

.reloc Size: 512B - Virtual size: 280B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 128KB

.rdata
Size: - Virtual size: 50KB

.data
Size: - Virtual size: 75KB

.pdata
Size: - Virtual size: 6KB

_RDATA
Size: - Virtual size: 500B

.reloc
Size: 512B - Virtual size: 280B

.rsrc
Size: 1KB - Virtual size: 1KB