Static task: static1
Behavioral task: behavioral1
  Sample: 868a62feff8b46466e9d63b83135a7987bf6d332c13739aa11b747b3e2ad4bbf_e03cebf73546c01c8da9cb6ebc4db70fd4f.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 868a62feff8b46466e9d63b83135a7987bf6d332c13739aa11b747b3e2ad4bbf_e03cebf73546c01c8da9cb6ebc4db70fd4f.exe
  Resource: win10v2004-20240802-en
General
- Target: 868a62feff8b46466e9d63b83135a7987bf6d332c13739aa11b747b3e2ad4bbf_e03cebf73546c01c8da9cb6ebc4db70fd4f0a8c9d4c9ccaf47e0cef7d184bd05.exe
- Size: 191KB
- MD5: 526b20aa98014df3fb3d0ccb653d2b60
- SHA1: da1e964800f951a3a094088d445b494ba13715c9
- SHA256: e03cebf73546c01c8da9cb6ebc4db70fd4f0a8c9d4c9ccaf47e0cef7d184bd05
- SHA512: 8a6c8ac75db125d5fb501de4909717d0373a269665238210d7d4131ee2b9a264ad0743425b47c843c1d00525262dceee36a0e42a6a3b9c59a343dd47fc5c168f
- SSDEEP: 3072:57q8J8o4iiUkq8e12x0VcTt7+86aaNew+0R3Dhc+Dl7RMBrbHKrp:57FJ8onR8lPTN+86aoePo3yfMp
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 868a62feff8b46466e9d63b83135a7987bf6d332c13739aa11b747b3e2ad4bbf_e03cebf73546c01c8da9cb6ebc4db70fd4f0a8c9d4c9ccaf47e0cef7d184bd05.exe
Files
-
868a62feff8b46466e9d63b83135a7987bf6d332c13739aa11b747b3e2ad4bbf_e03cebf73546c01c8da9cb6ebc4db70fd4f0a8c9d4c9ccaf47e0cef7d184bd05.exe.exe windows:5 windows x64 arch:x64
738211057331e8a6894afc3561f5a798
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CreateThread
WaitForSingleObject
InitializeCriticalSection
ExitProcess
GetModuleHandleA
MultiByteToWideChar
GetTickCount
LeaveCriticalSection
EnterCriticalSection
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
GetModuleHandleExW
WideCharToMultiByte
GetCommandLineA
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
HeapSize
IsProcessorFeaturePresent
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
SetLastError
GetCurrentThreadId
IsDebuggerPresent
DeleteCriticalSection
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
LCMapStringW
CloseHandle
ws2_32
inet_ntoa
gdiplus
GdipDisposeImage
GdipGetImageEncoders
GdipAlloc
GdipFree
GdipSaveImageToStream
GdipCloneImage
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.bss Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE