1da656b1a5ab3d5fe578eb6bcfd078bf68df4a7ecc570b611686b0213cb54775[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1da656b1a5ab3d5fe578eb6bcfd078bf68df4a7ecc570b611686b0213cb54775.exe
Size

14.7MB
MD5

43b1b2c0a77f854b3da78dcea07dde13
SHA1

3bba28b52b62a793bbfab4a70e086d914534c131
SHA256

1da656b1a5ab3d5fe578eb6bcfd078bf68df4a7ecc570b611686b0213cb54775
SHA512

27cf1ccc678f8965697685d494a210ee2215c7899318b78e817097576009cf715de905c08bb0804a72970ef6e818152898c6ec2fff8b61dab4601759cc8654a3
SSDEEP

196608:TbI0WbFRHC+NnoqXR/vr8Fgbzb4oK8kdVAsPzTHrVyhwxucf08VqYdUmyg9Dl/kM:FWfTh/vrFzb4oK8iDLTL8py98a/kVAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1da656b1a5ab3d5fe578eb6bcfd078bf68df4a7ecc570b611686b0213cb54775.exe

Files

1da656b1a5ab3d5fe578eb6bcfd078bf68df4a7ecc570b611686b0213cb54775.exe
.exe windows:6 windows x64 arch:x64

707c87659a8652c67689ad2fe3348d58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-synch-l1-2-0

WakeByAddressAll

bcryptprimitives

ProcessPrng

advapi32

RegOpenKeyExW

kernel32

InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetCursorPos

ntdll

NtCreateFile

dwmapi

DwmGetWindowAttribute

oleaut32

SysFreeString

comctl32

DefSubclassProc

shell32

DragQueryFileW

ole32

RegisterDragDrop

bcrypt

BCryptGenRandom

ws2_32

getsockname

gdi32

CreateRectRgn

crypt32

CertFreeCertificateContext

secur32

FreeContextBuffer

shlwapi

SHCreateMemStream

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-string-l1-1-0

_wcsicmp

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-utility-l1-1-0

_rotl64

api-ms-win-crt-convert-l1-1-0

wcstol

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nmt0
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nmt1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nmt2
Size: 14.6MB - Virtual size: 14.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

707c87659a8652c67689ad2fe3348d58

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-synch-l1-2-0

bcryptprimitives

advapi32

kernel32

user32

ntdll

dwmapi

oleaut32

comctl32

shell32

ole32

bcrypt

ws2_32

gdi32

crypt32

secur32

shlwapi

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 4.5MB

.rdata Size: - Virtual size: 2.2MB

.data Size: - Virtual size: 13KB

.pdata Size: - Virtual size: 234KB

.nmt0 Size: - Virtual size: 7.2MB

.nmt1 Size: 5KB - Virtual size: 5KB

.nmt2 Size: 14.6MB - Virtual size: 14.6MB

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: - Virtual size: 4.5MB

.rdata
Size: - Virtual size: 2.2MB

.data
Size: - Virtual size: 13KB

.pdata
Size: - Virtual size: 234KB

.nmt0
Size: - Virtual size: 7.2MB

.nmt1
Size: 5KB - Virtual size: 5KB

.nmt2
Size: 14.6MB - Virtual size: 14.6MB

.rsrc
Size: 57KB - Virtual size: 56KB