psdxz[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

psdxz.exe
Size

1.9MB
MD5

fe957d8ed21af6d2db632e489aed777a
SHA1

d7aba80b49d2cfe4349642a44b2786fac03eb216
SHA256

a89968afe0702707f191f65bdd8c3f712026a7c577d72f7774efb04754bd1971
SHA512

0256fcad7ffa7aa802621f1bbe5e5da23d57b1e5ecdb8ca9d859cf3cd2057c1179731a14c58c81f93e580bb4ba468bceb01cb28e0099da001541d536006e54a1
SSDEEP

49152:XMiQF4qygbAqM8EHRSrt2JRkl8SMpdP5YdCc5:GFdbHM1SIvk2SkPSdCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
psdxz.exe

Files

psdxz.exe
.exe windows:6 windows x86 arch:x86

48d4a6a3111a18b082fa3638b1568f64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..w!
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ilv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.08:
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ