6e6e0f85b332495222793b669771cf4306ff4dcaf43332b01c82aa9fef804a2e[.]exe

Resubmissions

31/08/2024, 19:03

240831-xqcfxazepd 9

30/08/2024, 01:26

240830-bthanssbpm 9

29/08/2024, 01:37

240829-b1vvcayfrl 9

Sharing

Copy URL Twitter E-mail

General

Target

6e6e0f85b332495222793b669771cf4306ff4dcaf43332b01c82aa9fef804a2e.exe
Size

191KB
MD5

f9a57c9d0169399db948fb0509c38b5a
SHA1

f91564a517f274b8230cbe28a82ff27d52d921d8
SHA256

6e6e0f85b332495222793b669771cf4306ff4dcaf43332b01c82aa9fef804a2e
SHA512

933b97184be89ceeaadcefbd95efa2c99cd9c509bef0b3bd1611754e35aab368941289c4598c0004631c704276423e0bbd3b914bf4575261633ba5147e65061a
SSDEEP

3072:0ziTIl9Kg9hqlvUoGnjHGeC77TQ3LqeKhsHORP8WWB5dHZiy:0GIl9KShqlvpqjHGI+eGTP8WWBrUy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e6e0f85b332495222793b669771cf4306ff4dcaf43332b01c82aa9fef804a2e.exe

Files

6e6e0f85b332495222793b669771cf4306ff4dcaf43332b01c82aa9fef804a2e.exe
.exe windows:6 windows x64 arch:x64

0259493a3001eae78ed4785e8c39ed47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

rustycry_v7.pdb

Imports

api-ms-win-core-synch-l1-2-0

WakeByAddressSingle
WakeByAddressAll
WaitOnAddress

advapi32

SystemFunction036

kernel32

GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetFilePointerEx
GetLastError
CloseHandle
MoveFileExW
GetStdHandle
GetConsoleMode
WideCharToMultiByte
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetCurrentThread
lstrlenW
HeapFree
HeapReAlloc
GetFileInformationByHandle
WaitForSingleObject
MultiByteToWideChar
WriteConsoleW
GetModuleHandleA
GetProcAddress
SetLastError
GetModuleHandleW
FormatMessageW
CreateFileW
SetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
FindNextFileW
FindFirstFileW
FindClose
ReadConsoleW
HeapAlloc
GetProcessHeap
GetCurrentDirectoryW
RtlCaptureContext
RtlLookupFunctionEntry
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
CreateMutexA
ReleaseMutex
RtlVirtualUnwind
GetEnvironmentVariableW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath

bcrypt

BCryptGenRandom

ntdll

NtReadFile
NtWriteFile
RtlNtStatusToDosError

vcruntime140

__current_exception_context
__current_exception
memcpy
memset
memmove
__CxxFrameHandler3
memcmp
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

exit
_exit
_initterm_e
__p___argc
__p___argv
_cexit
_initterm
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_set_app_type
_c_exit
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0259493a3001eae78ed4785e8c39ed47

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-2-0

advapi32

kernel32

ole32

shell32

bcrypt

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 512B - Virtual size: 720B

.pdata Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 512B - Virtual size: 720B

.pdata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB