9855e55aa6ca46a658b0595793dbf327522ba2e1b476376348961b786db054d7[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9855e55aa6ca46a658b0595793dbf327522ba2e1b476376348961b786db054d7.exe
Size

72KB
MD5

e2c453f25b379d53f8b961bd84ec42dc
SHA1

a52611bef97abe39a6822bd7fca24cd1922a5f9e
SHA256

9855e55aa6ca46a658b0595793dbf327522ba2e1b476376348961b786db054d7
SHA512

561643ea25cca1d302acdc4d7a89a3e7a193c9940c18608f67c88e3fcd5e3c6d67e897711d357e451aa06628f6affd59194b9213e13d8db440cecd09f87ffbc4
SSDEEP

768:23iOHzbblPTLTyfsILlUcO3kFwnumyb6ngFeKCvFf5/ZzKSV5a0BC6wVqufnJ3bF:2iOvlLD3/o6g1Cdj+odaJ3b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9855e55aa6ca46a658b0595793dbf327522ba2e1b476376348961b786db054d7.exe

Files

9855e55aa6ca46a658b0595793dbf327522ba2e1b476376348961b786db054d7.exe
.exe windows:5 windows x64 arch:x64

30b848f8470b4bbeec443251b6ecb3e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
ReadFile
GetFileSizeEx
GetModuleHandleA
GetFileAttributesA
CreateFileA
ExitProcess
InitializeSListHead
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetModuleHandleExW
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemDirectoryW
GetTickCount
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
QueryPerformanceCounter
SetLastError
GetLastError
RaiseException
AreFileApisANSI
GetFileAttributesW

user32

DestroyWindow
PostQuitMessage
TranslateMessage
GetMessageA
DispatchMessageA
LoadCursorA
GetWindowTextA
SetWindowTextA
MessageBoxA
DefWindowProcA
CreateWindowExA
LoadIconA
RegisterClassExA
UpdateWindow

msvcrt

memmove
memset
_CxxThrowException
__CxxFrameHandler
memcpy
free
__C_specific_handler
atof
_initterm
_callnewh
__pctype_func
tolower
_errno
strtol
malloc
__getmainargs
_msize
_XcptFilter
__set_app_type
_ismbblead
_acmdln
_fmode
___lc_handle_func
?_set_new_mode@@YAHH@Z
_commode
?terminate@@YAXXZ
___lc_codepage_func
ceil
log10
realloc
_clearfp
_amsg_exit
strrchr

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30b848f8470b4bbeec443251b6ecb3e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.gehcont Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 364B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.gehcont
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 364B