Static task
static1
General
-
Target
oFXJvZXnCMjeIyeh.exe
-
Size
1.4MB
-
MD5
cbfdc4a498eb980af8a128aacddc48ff
-
SHA1
ae9638cf963b68154b3349f7abb31ceed854f42f
-
SHA256
292da7316504fc7cb00e13443296473eecf11357d4f3c50dac74354997ea02e8
-
SHA512
a02e87818f9fc875a62aa91425fa18aa8a56c7e75a942c3890759f28962fa1170c5b23d1224a7e735a36ff8b9f869d02eea6b759c0a0997bd1aff4d6153c71ed
-
SSDEEP
24576:xUu52av0xBCtW5CKt2JXdwMLiOsKOz66bpjseS8uvTEMyK8xpYJL8QAIs5CLBpwT:f52av0xlCY2JXdwMLiFKqpS8ubEMyKzk
Malware Config
Signatures
-
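Unsigned PE (1 IoC)
Flagged because the file carries no Authenticode signature. Many legitimate executables are also unsigned, so this is a weak indicator on its own.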
resource oFXJvZXnCMjeIyeh.exe
Files
-
oFXJvZXnCMjeIyeh.exe.exe windows:6 windows x64 arch:x64
298fe4320cdd28d28ab7a831620f2d78
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegQueryValueW
shell32
SHGetDiskFreeSpaceExW
kernel32
GetModuleHandleA
user32
MessageBoxA
Sections
.data Size: - Virtual size: 708KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 787KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE