ClientManager[1][.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ClientManager[1].exe
Size

25.5MB
MD5

d7279182ef5c5b9c03e1d3c58772f440
SHA1

f570780987b0bb87a57bac76df3655d52bcce55e
SHA256

2a5181db051e0d08ae9931240866245860cfc552b7ea746fa853adf716e0a705
SHA512

2f8dbe9e1bf0ccf9a60433180c66d5caa57e766488438a452e750fa5665a24eabfaea48fcf6867581555b749629ed6d17e3c57e432713b5e3ef6c906b12e193f
SSDEEP

393216:MyyMp1+ojADb0mN7pIyxLhq+lRSlvdQwkWMb6Ck3i955CAJRD:j5c7pIyxU+lRyvFkWMbFkO58AJRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ClientManager[1].exe

Files

ClientManager[1].exe
.exe windows:6 windows x64 arch:x64

a36cc53e44829b445a60ed94c020ab0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Process32FirstW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowThreadProcessId

ole32

CoInitializeSecurity

oleaut32

VariantClear

advapi32

RegEnumValueW

Sections

.text
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i_sec
Size: - Virtual size: 934B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZR3
Size: - Virtual size: 15.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.x~i
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l]G
Size: 25.5MB - Virtual size: 25.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36cc53e44829b445a60ed94c020ab0c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

advapi32

Sections

.text Size: - Virtual size: 304KB

.i_sec Size: - Virtual size: 934B

.rdata Size: - Virtual size: 87KB

.data Size: - Virtual size: 13KB

.pdata Size: - Virtual size: 14KB

.ZR3 Size: - Virtual size: 15.4MB

.x~i Size: 3KB - Virtual size: 2KB

.l]G Size: 25.5MB - Virtual size: 25.5MB

.reloc Size: 512B - Virtual size: 296B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 304KB

.i_sec
Size: - Virtual size: 934B

.rdata
Size: - Virtual size: 87KB

.data
Size: - Virtual size: 13KB

.pdata
Size: - Virtual size: 14KB

.ZR3
Size: - Virtual size: 15.4MB

.x~i
Size: 3KB - Virtual size: 2KB

.l]G
Size: 25.5MB - Virtual size: 25.5MB

.reloc
Size: 512B - Virtual size: 296B

.rsrc
Size: 512B - Virtual size: 480B