b09050d68483815a72012dbdd3e87a17214fa61a16686bab734dbb9716c72763[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b09050d68483815a72012dbdd3e87a17214fa61a16686bab734dbb9716c72763.exe
Size

1.0MB
MD5

ad720cfb274870885918e64a39e1d8e7
SHA1

bcd972138866078d71be05ede937966ec917b548
SHA256

b09050d68483815a72012dbdd3e87a17214fa61a16686bab734dbb9716c72763
SHA512

f2f97b166f3cc3e14655e9973fffcc88613719768ec58b6a449a01fe46d37da5be09308e996b679a969ff2c8efaaea1f391119d0cd9ff9cc13ca03e5eeb45ad5
SSDEEP

24576:YyVldEtwbRX9SdABTCDYgiOmyVBp9zwrOqBPcPNpJQt0E:TdEqRtEQTCDTm87Jw6qB0VTQt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b09050d68483815a72012dbdd3e87a17214fa61a16686bab734dbb9716c72763.exe

Files

b09050d68483815a72012dbdd3e87a17214fa61a16686bab734dbb9716c72763.exe
.dll windows:0 windows x64 arch:x64

d557187971ab41131ea559e513cbb12b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

ImageList_LoadImageA

comdlg32

LoadAlterBitmap
PageSetupDlgW
dwLBSubclass

gdi32

CloseFigure
CloseMetaFile
EnumFontFamiliesA
GdiConvertToDevmodeW
GdiIsMetaFileDC
GdiSetAttrs
GetEUDCTimeStamp
GetSystemPaletteUse
Polyline
SetBrushOrgEx
StrokePath

kernel32

AddConsoleAliasA
AddVectoredExceptionHandler
CancelThreadpoolIo
CreateDirectoryExW
CreateDirectoryTransactedW
CreateWaitableTimerA
DeleteTimerQueue
EnumSystemLanguageGroupsW
GetCurrencyFormatW
GetProcAddress
GetProcessTimes
GetSystemPreferredUILanguages
GetTimeFormatA
InterlockedPushEntrySList
LoadLibraryA
SetMailslotInfo
SetProcessPreferredUILanguages
SizeofResource
SleepConditionVariableSRW
UnlockFileEx
WaitForSingleObject
WriteFileEx

msvcrt

_memicmp
_spawnle
clock
free
fsetpos
malloc
memcpy
memset
mktime
scanf
strxfrm

ole32

CoFreeUnusedLibrariesEx
CoGetInterceptorFromTypeInfo
OleConvertOLESTREAMToIStorage
OleDraw
OleLockRunning
StgCreateDocfileOnILockBytes
StgCreateStorageEx

user32

BringWindowToTop
BroadcastSystemMessageExW
CascadeChildWindows
CreateMDIWindowW
DrawCaptionTempA
EnumChildWindows
GetAltTabInfo
GetCaretBlinkTime
GetKeyboardState
GetRawInputBuffer
GetUpdateRgn
GetWindow
InsertMenuW
LoadCursorW
LoadMenuIndirectA
MessageBoxTimeoutW
SendDlgItemMessageW
ShowOwnedPopups

Exports

Exports

ClintonMarjorie_clipt
Kirsten_phobics_mirth
Surinam_conspicuouslyDrupal
actuatedDr_gurgle
corrugate_subsistence_kale
gotchaThucydides_golly
syntactical_bouillabaisses

Sections

.text
Size: 631KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 294B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d557187971ab41131ea559e513cbb12b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 631KB - Virtual size: 630KB

.data Size: 96KB - Virtual size: 95KB

.rdata Size: 284KB - Virtual size: 284KB

.edata Size: 512B - Virtual size: 294B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 631KB - Virtual size: 630KB

.data
Size: 96KB - Virtual size: 95KB

.rdata
Size: 284KB - Virtual size: 284KB

.edata
Size: 512B - Virtual size: 294B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB