6vCuCcOa0q4Qfuu[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6vCuCcOa0q4Qfuu.exe
Size

8.8MB
MD5

a8ef06b1272a44e36d271e7764ecea59
SHA1

62126ef7097f68eddfe0620143b13682481913b6
SHA256

22e8296dcc096f37d2de3d53f2e4c291bcc1ecff63eaab74676a531343225074
SHA512

237615240b64b1d716287279ae20d5e62861624c73f353585fcd5c77a9994bbb5cb5f980befd8eec06d3ed7859b6fdb7a807aaf9fb5d1989bb939d33bb056dec
SSDEEP

196608:RPRKC5SM3Gxg6M1NzReRjqZ0i5rG/6BolhEAb79w+2hMMgEtKW3jF:3KjMsgLjMRQ1DaPZ7D2mJEtNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6vCuCcOa0q4Qfuu.exe

Files

6vCuCcOa0q4Qfuu.exe
.exe windows:6 windows x64 arch:x64

9c4c56e64dd688bdc176cf5d67a85702

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

getsockopt

ntdll

RtlInitUnicodeString

version

GetFileVersionInfoA

ole32

CoInitializeSecurity

oleaut32

VariantClear

wldap32

ord301

normaliz

IdnToAscii

crypt32

CertOpenStore

kernel32

GetStartupInfoW
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

RegDeleteKeyW

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l4-
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.(B~
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.*>(
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c4c56e64dd688bdc176cf5d67a85702

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

ntdll

version

ole32

oleaut32

wldap32

normaliz

crypt32

kernel32

advapi32

user32

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 7.6MB

.data Size: - Virtual size: 166KB

.pdata Size: - Virtual size: 49KB

_RDATA Size: - Virtual size: 348B

.l4- Size: - Virtual size: 3.6MB

.(B~ Size: 4KB - Virtual size: 3KB

.*>( Size: 8.8MB - Virtual size: 8.8MB

.reloc Size: 512B - Virtual size: 200B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 7.6MB

.data
Size: - Virtual size: 166KB

.pdata
Size: - Virtual size: 49KB

_RDATA
Size: - Virtual size: 348B

.l4-
Size: - Virtual size: 3.6MB

.(B~
Size: 4KB - Virtual size: 3KB

.*>(
Size: 8.8MB - Virtual size: 8.8MB

.reloc
Size: 512B - Virtual size: 200B

.rsrc
Size: 512B - Virtual size: 480B