V87QLM3YKC8MKZT8DFLI0TVZ2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

V87QLM3YKC8MKZT8DFLI0TVZ2.exe
Size

62.9MB
MD5

4d48a9c192e903e79245e15ad52ac1f6
SHA1

4d9b13933f5c0b49af6ba7dbe6c66af731dfdd69
SHA256

c48d9009fd313e44475c4b5af2602e4cd9e1f3093fbef93c9d8e74c049968408
SHA512

7fd4005189b4188d1f70a6e29403f0bddcd88fbaa45c1c63e78232693fb981cbc1e1182eab7164f12902753af9a69b752f4bd6e78b5f839405de842d666aa58f
SSDEEP

1572864:WlLF2dw15FU/zHdj9c9XK74yDXGDeiEjW+hQdhAvAHs:WlYw1WJiGXGDeiRM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
V87QLM3YKC8MKZT8DFLI0TVZ2.exe

Files

V87QLM3YKC8MKZT8DFLI0TVZ2.exe
.exe windows:6 windows x64 arch:x64

b5a505e65c460aeec927e361fbdf4b78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

bind

ole32

CreateStreamOnHGlobal

kernel32

GetVersionExA

user32

MonitorFromWindow

gdi32

SelectClipRgn

advapi32

RegCopyTreeW

shell32

CommandLineToArgvW

oleaut32

SysFreeString

shlwapi

StrStrW

iphlpapi

SendARP

d3d9

Direct3DCreate9

ntdll

RtlVirtualUnwind

gdiplus

GdipDisposeImage

msimg32

AlphaBlend

crypt32

CryptMsgOpenToDecode

Sections

P-iaKM]D
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

)1RIM:2n
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

U.(6f.VN
Size: - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

\y^vIIFh
Size: - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

jn$w9=$5
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

C!g>#O+4
Size: - Virtual size: 39.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4Yd1ICUr
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)vk-w#<2
Size: 62.7MB - Virtual size: 62.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RGEomMEt
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5a505e65c460aeec927e361fbdf4b78

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

ole32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

iphlpapi

d3d9

ntdll

gdiplus

msimg32

crypt32

Sections

P-iaKM]D Size: - Virtual size: 2.7MB

)1RIM:2n Size: - Virtual size: 1.1MB

U.(6f.VN Size: - Virtual size: 102KB

\y^vIIFh Size: - Virtual size: 91KB

jn$w9=$5 Size: - Virtual size: 348B

C!g>#O+4 Size: - Virtual size: 39.2MB

4Yd1ICUr Size: 5KB - Virtual size: 5KB

)vk-w#<2 Size: 62.7MB - Virtual size: 62.7MB

RGEomMEt Size: 213KB - Virtual size: 212KB

P-iaKM]D
Size: - Virtual size: 2.7MB

)1RIM:2n
Size: - Virtual size: 1.1MB

U.(6f.VN
Size: - Virtual size: 102KB

\y^vIIFh
Size: - Virtual size: 91KB

jn$w9=$5
Size: - Virtual size: 348B

C!g>#O+4
Size: - Virtual size: 39.2MB

4Yd1ICUr
Size: 5KB - Virtual size: 5KB

)vk-w#<2
Size: 62.7MB - Virtual size: 62.7MB

RGEomMEt
Size: 213KB - Virtual size: 212KB