d2e02b509f2dc4cdc6cfae7c0b9c5519a8564b0e86aa1e3eb0e316cab406a438[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

d2e02b509f2dc4cdc6cfae7c0b9c5519a8564b0e86aa1e3eb0e316cab406a438.exe
Size

1004KB
MD5

5641d838db5c260d8f734c07b73d88c3
SHA1

2b33995371ad887bda9d0eb04921d8b43ff7601f
SHA256

d2e02b509f2dc4cdc6cfae7c0b9c5519a8564b0e86aa1e3eb0e316cab406a438
SHA512

1d6d3ad974d0fc99439ced1b14b7ae007386c6ed60e1074adcdd1c1367c9b73fc8a401b37aafba749bb5617cb913becdb7df4962046e1cb009cfe41048555aec
SSDEEP

24576:zuuUkcHWT88wSf7Zc/CUHs6+zgoXZJG1ZDzdo2Zo:nU9HW4PSzZSCUHsAofWZDzG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2e02b509f2dc4cdc6cfae7c0b9c5519a8564b0e86aa1e3eb0e316cab406a438.exe

Files

d2e02b509f2dc4cdc6cfae7c0b9c5519a8564b0e86aa1e3eb0e316cab406a438.exe
.dll windows:0 windows x64 arch:x64

1326ea65a1a3624508ba71bf20971e47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

AddMRUStringW
ImageList_AddIcon
ImageList_SetIconSize
MakeDragList
MenuHelp

comdlg32

ReplaceTextA

gdi32

CreateDCW
CreateRoundRectRgn
DescribePixelFormat
GetFontData
PlayEnhMetaFile
StartFormPage

kernel32

CreateFileTransactedA
CreateFileW
CreateRemoteThread
FindFirstFileNameW
GetConsoleInputWaitHandle
GetCurrentUmsThread
GetDiskFreeSpaceExA
GetFullPathNameW
GetLocaleInfoEx
GetProcAddress
GetProcessWorkingSetSize
GetShortPathNameA
GetSystemDEPPolicy
InterlockedFlushSList
IsValidCodePage
LCMapStringEx
LoadLibraryA
LocalCompact
LocalSize
LocaleNameToLCID
MulDiv
ReadConsoleOutputAttribute
SetComputerNameExA
SetFileAttributesTransactedA
SetStdHandleEx
SetThreadIdealProcessor
SetThreadpoolWait
TransactNamedPipe
VerifyScripts
WerUnregisterMemoryBlock
WriteConsoleInputA

msvcrt

clock
free
fscanf_s
malloc
memcpy
memset
qsort_s
srand
strtod
_read
_fdopen

ole32

CoGetCallState
CoGetInterceptor
GetHGlobalFromILockBytes
HBITMAP_UserSize
OleDraw
OleGetIconOfClass
OleNoteObjectVisible
StgOpenStorageOnHandle

user32

AdjustWindowRectEx
ClipCursor
DrawFrameControl
GetCursor
GetMessageExtraInfo
GetMessageW
GetSystemMetrics
GetWindowDC
GetWindowLongW
OpenThreadDesktop
RegisterClipboardFormatA
SetDisplayConfig
SetMirrorRendering
SetWindowLongW

Exports

Exports

Nell_beheads
cartoon_paintings
flophouses_hallucinating
gas_resumed
hypnoses_reelections_companionway
pendent_twinning
prayer_misted
sodden_residues_squalor

Sections

.text
Size: 621KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1326ea65a1a3624508ba71bf20971e47

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 621KB - Virtual size: 620KB

.data Size: 145KB - Virtual size: 145KB

.rdata Size: 225KB - Virtual size: 224KB

.edata Size: 512B - Virtual size: 298B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 621KB - Virtual size: 620KB

.data
Size: 145KB - Virtual size: 145KB

.rdata
Size: 225KB - Virtual size: 224KB

.edata
Size: 512B - Virtual size: 298B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB