sheheveu[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

sheheveu.exe
Size

38.4MB
MD5

189bd056081e3c7b17ac8911f24008ec
SHA1

9f0a9789275ab39873e7b7671a2a99ecd6654493
SHA256

141fb5461461911994ffe8716ffb10ca9fda3068fe6c741a4fc7f8a7d7a909f9
SHA512

52f444742959a7c2aaa709f106c8a053edacee7277fb07478192cf0b9a64cbb96423520a28d2b1362911a3084785aed8705f341fcd87d55b81e7e67b30d7e0e9
SSDEEP

786432:dx/UhiErIp3q72KOCoEunDB9+Gvaj/FReLe8VyW04tV+J70a:dxcTrt72142DBIFwL3V64tEJ7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sheheveu.exe

Files

sheheveu.exe
.exe windows:6 windows x64 arch:x64

5f68906463bddefa4362b46a6c66dda1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

EnumDisplayDevicesA

kernel32

CloseHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

ws2_32

WSAGetLastError

advapi32

CryptAcquireContextW

Sections

j/^;dQ>*
Size: - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!5?I%0Jl
Size: - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_:86cjQj
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*z:RtnCi
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

9=Txh)]V
Size: - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

3gUcXX7*
Size: - Virtual size: 58B

h"doGo*M
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

88_J>grM
Size: - Virtual size: 20.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4+(tA"1k
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

J@5X'C0e
Size: 38.4MB - Virtual size: 38.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

:q)>\A7h
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Eo.+ddzF
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f68906463bddefa4362b46a6c66dda1

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

ws2_32

advapi32

Sections

j/^;dQ>* Size: - Virtual size: 764KB

!5?I%0Jl Size: - Virtual size: 162KB

_:86cjQj Size: - Virtual size: 4.2MB

*z:RtnCi Size: - Virtual size: 18KB

9=Txh)]V Size: - Virtual size: 40B

3gUcXX7* Size: - Virtual size: 58B

h"doGo*M Size: - Virtual size: 244B

88_J>grM Size: - Virtual size: 20.8MB

4+(tA"1k Size: 3KB - Virtual size: 2KB

J@5X'C0e Size: 38.4MB - Virtual size: 38.4MB

:q)>\A7h Size: 512B - Virtual size: 240B

Eo.+ddzF Size: 512B - Virtual size: 422B

j/^;dQ>*
Size: - Virtual size: 764KB

!5?I%0Jl
Size: - Virtual size: 162KB

_:86cjQj
Size: - Virtual size: 4.2MB

*z:RtnCi
Size: - Virtual size: 18KB

9=Txh)]V
Size: - Virtual size: 40B

3gUcXX7*
Size: - Virtual size: 58B

h"doGo*M
Size: - Virtual size: 244B

88_J>grM
Size: - Virtual size: 20.8MB

4+(tA"1k
Size: 3KB - Virtual size: 2KB

J@5X'C0e
Size: 38.4MB - Virtual size: 38.4MB

:q)>\A7h
Size: 512B - Virtual size: 240B

Eo.+ddzF
Size: 512B - Virtual size: 422B