9ETESUn7ZZ[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9ETESUn7ZZ.exe
Size

57.4MB
MD5

df74fc54fcb2f307e87e6de2b4950a67
SHA1

e1efcdb7c70200e45ba74c9d46dda1695cdfc4f1
SHA256

cc9fb8a89c6d2b1dd3c724525fec3dc28e23bb1fca68126f2d3fcb0ce236cb23
SHA512

2d5dfe57ea8bb19844b060832e3b143687e8cf1838d2635e401ba157346f233ceba3d619c42baf7912d2e75785520d751451ab9511910ee3d48495134dd939b2
SSDEEP

1572864:6pQW6oFvogoVcXSS3g1EWRG1mnc6gfTbeEo0kynMC6q:g6yw+CS3g1FU/nvI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ETESUn7ZZ.exe

Files

9ETESUn7ZZ.exe
.exe windows:6 windows x64 arch:x64

b5a505e65c460aeec927e361fbdf4b78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

bind

ole32

CreateStreamOnHGlobal

kernel32

GetVersionExA

user32

MonitorFromWindow

gdi32

SelectClipRgn

advapi32

RegCopyTreeW

shell32

CommandLineToArgvW

oleaut32

SysFreeString

shlwapi

StrStrW

iphlpapi

SendARP

d3d9

Direct3DCreate9

ntdll

RtlVirtualUnwind

gdiplus

GdipDisposeImage

msimg32

AlphaBlend

crypt32

CryptMsgOpenToDecode

Sections

?P\WiMsP
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

P05\<sph
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SZzCg_T^
Size: - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pq&58CD`
Size: - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

xF2KRk(m
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

#4\>a\'j
Size: - Virtual size: 35.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4vq64(8B
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W5ZBR\Vn
Size: 57.2MB - Virtual size: 57.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

azc(^8/i
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5a505e65c460aeec927e361fbdf4b78

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

ole32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

iphlpapi

d3d9

ntdll

gdiplus

msimg32

crypt32

Sections

?P\WiMsP Size: - Virtual size: 2.7MB

P05\<sph Size: - Virtual size: 1.1MB

SZzCg_T^ Size: - Virtual size: 102KB

pq&58CD` Size: - Virtual size: 91KB

xF2KRk(m Size: - Virtual size: 348B

#4\>a\'j Size: - Virtual size: 35.8MB

4vq64(8B Size: 5KB - Virtual size: 5KB

W5ZBR\Vn Size: 57.2MB - Virtual size: 57.2MB

azc(^8/i Size: 213KB - Virtual size: 212KB

?P\WiMsP
Size: - Virtual size: 2.7MB

P05\<sph
Size: - Virtual size: 1.1MB

SZzCg_T^
Size: - Virtual size: 102KB

pq&58CD`
Size: - Virtual size: 91KB

xF2KRk(m
Size: - Virtual size: 348B

#4\>a\'j
Size: - Virtual size: 35.8MB

4vq64(8B
Size: 5KB - Virtual size: 5KB

W5ZBR\Vn
Size: 57.2MB - Virtual size: 57.2MB

azc(^8/i
Size: 213KB - Virtual size: 212KB